Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Digiwin — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting Digiwin. AI-powered Chinese analysis, POCs, and references for each vulnerability.

DigiWin develops digital transformation solutions with a core focus on enterprise resource planning systems. Historically, the organization's products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 14 recorded CVEs. Security researchers have identified authentication bypass weaknesses and insufficient input validation as recurring problems in their software architecture. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities in their enterprise applications suggests a need for enhanced secure coding practices and regular security assessments to mitigate potential exploitation risks.

Top products by Digiwin: EasyFlow .NET EasyFlow GP ERP EAI SFT
CVE IDTitleCVSSSeverityPublished
CVE-2026-5964 Digiwin|EasyFlow .NET - SQL Injection — EasyFlow .NETCWE-89 9.8 Critical2026-04-20
CVE-2026-5963 Digiwin|EasyFlow .NET - SQL Injection — EasyFlow .NETCWE-89 9.8 Critical2026-04-20
CVE-2025-13165 Digiwin|EasyFlow GP - Denial of service — EasyFlow GPCWE-770 7.5 High2025-11-17
CVE-2025-13164 Digiwin|EasyFlow GP - Insufficiently Protected Credentials — EasyFlow GPCWE-522 4.9 Medium2025-11-17
CVE-2025-13163 Digiwin|EasyFlow GP - Insufficiently Protected Credentials — EasyFlow GPCWE-522 4.9 Medium2025-11-17
CVE-2025-12503 Digiwin|EasyFlow .NET and EasyFlow AiNet — EasyFlow .NETCWE-89 6.5 Medium2025-11-03
CVE-2025-11949 Digiwin|EasyFlow .NET and EasyFlow AiNet - Missing Authentication — EasyFlow .NETCWE-306 7.5 High2025-10-21
CVE-2025-7344 Digiwin|EAI - Privilege Escalation — EAICWE-648 8.8 High2025-07-21
CVE-2025-7343 Digiwin|SFT - SQL Injection — SFTCWE-89 9.8 Critical2025-07-21
CVE-2025-2706 Digiwin ERP UploadAjaxAPI.ashx unrestricted upload — ERPCWE-434 6.3 Medium2025-03-24
CVE-2025-2705 Digiwin ERP FileUploadApi.ashx DoWebUpload unrestricted upload — ERPCWE-434 7.3 High2025-03-24
CVE-2024-7323 Digiwin EasyFlow .NET - Arbitrary File Download — EasyFlow .NETCWE-36 6.5 Medium2024-08-02
CVE-2024-5311 DigiWin EasyFlow .NET - SQL Injection — EasyFlow .NETCWE-89 9.8 Critical2024-06-03
CVE-2024-4893 DigiWin EasyFlow .NET - SQL Injection — EasyFlow .NETCWE-89 9.8 Critical2024-05-15

This page lists every published CVE security advisory associated with Digiwin. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.