Vulnerabilities and Security Researches

Vulnerabilities and security researches forzoho-flow zoho-flow

Direction: ascending

Sep 29, 2024

Zoho Flow # CVE-2024-47334

CVE, Research URL: CVE-2024-47334
Home page URL: Security reports for Zoho Flow
Application: Zoho Flow
Date: Oct 09, 2024
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zoho Flow Zoho Flow for WordPress allows SQL Injection.This issue affects Zoho Flow for WordPress: from n/a through 2.7.1.
Affected versions: max 2.8.1.
Status: vulnerable

Apr 03, 2025

Zoho Flow # CVE-2025-31408

CVE, Research URL: CVE-2025-31408
Home page URL: Security reports for Zoho Flow
Application: Zoho Flow
Date: Apr 01, 2025
Research Description: Missing Authorization vulnerability in Zoho Flow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zoho Flow: from n/a through 2.13.3.
Affected versions: max 2.13.3.
Status: vulnerable