CVE 2024-5311
DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database records.
See the
CVE page on Mitre.org
for more details.