VYPR

Bpm Suite

by Polymita Technologies

CVEs (3)

  • CVE-2025-67282Jan 9, 2026
    risk 0.00cvss epss 0.00

    In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerabilities exists which allow a low privileged user to download password hashes of other user, access work items of other user, modify restricted content in workflows, modify the applications logo and…

  • CVE-2025-67281Jan 9, 2026
    risk 0.00cvss epss 0.00

    In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple SQL injection vulnerabilities exists which allow a low privileged and administrative user to access the database and its content.

  • CVE-2008-1342Mar 17, 2008
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in the search feature in Polymita BPM-Suite and CollagePortal allow remote attackers to inject arbitrary web script or HTML via the (1) _q and (2) lucene_index_field_value parameters. NOTE: the provenance of this information…