cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-5276,https://securityvulnerability.io/vulnerability/CVE-2024-5276,SQL Injection Vulnerability in FileCatalyst Workflow Allows Modification of Application Data,"A SQL Injection vulnerability in Fortra FileCatalyst Workflow permits unauthorized alterations to application data. This may enable attackers to create new administrative users and modify or delete existing data in the application database. While data exfiltration is not possible through this specific vulnerability, an unauthenticated attacker may exploit it if anonymous access is enabled on the Workflow system. Otherwise, an authenticated user is required to carry out the exploitation. The vulnerability affects all versions of FileCatalyst Workflow 5.1.6 Build 135 and earlier.",Fortra,Filecatalyst Workflow,9.8,CRITICAL,0.0017399999778717756,false,,true,false,true,2024-06-26T17:56:06.000Z,,false,false,,2024-06-25T19:13:54.585Z,0
CVE-2024-25153,https://securityvulnerability.io/vulnerability/CVE-2024-25153,Directory Traversal Vulnerability in FileCatalyst Workflow Web Portal Allows File Upload Outside Intended Directory,"The vulnerability CVE-2024-25153 affects the FileCatalyst Workflow Web Portal by Fortra, allowing for a directory traversal that permits files to be uploaded outside of the intended directory. This can be exploited to execute code, including web shells, posing a critical risk to organizations using this solution. Security researcher Tom Wedgbury has released a proof-of-concept exploit, increasing the risk of exploitation. The potential impact of this vulnerability includes the exfiltration of sensitive data, establishing a foothold for launching attacks, and disrupting business operations. Organizations are urged to patch the system immediately and enhance monitoring for any signs of intrusion or suspicious file uploads.",Fortra,Filecatalyst,9.8,CRITICAL,0.002319999970495701,false,,true,false,true,2024-03-13T02:26:10.000Z,true,false,false,,2024-03-13T14:10:36.029Z,0