Unrated severityNVD Advisory· Published Dec 29, 2025· Updated Dec 29, 2025
WELLTEND TECHNOLOGY| BPMFlowWebkit - Arbitrary File Upload
CVE-2025-15228
Description
BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
Affected products
2- WELLTEND TECHNOLOGY/BPMFlowWebkitv5Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.twcert.org.tw/en/cp-139-10605-426b6-2.htmlmitrethird-party-advisory
- www.twcert.org.tw/tw/cp-132-10604-c65aa-1.htmlmitrethird-party-advisory
News mentions
0No linked articles in our index yet.