Welltend Technology Bpmflowwebkit vulnerabilities
2 known vulnerabilities affecting welltend_technology/bpmflowwebkit.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2025-15228P2CRITICALCVSS 9.8fixed in 5.0.52025-12-29
CVE-2025-15228 [CRITICAL] CWE-434 CVE-2025-15228: BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Upload vulnerability, allowing u
BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
nvd
CVE-2025-15227P3HIGHCVSS 7.5fixed in 5.0.52025-12-29
CVE-2025-15227 [HIGH] CWE-36 CVE-2025-15227: BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Read vulnerability, allowing una
BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.
nvd