13 matches found
Vulnerabilities fixed in Oracle Financial Services Applications
Oracle has fixed vulnerabilities in several Financial Services applications. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Remote code execution...
Vulnerabilities fixed in Oracle Financial Services Applications
Vulnerabilities have been fixed in Oracle Financial Services Applications products. A malicious party could exploit them to launch attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Accessing sensitive data Oracle has...
ebankIT 6 Cross Site Scripting
CVE-2023-30454 Description An issue was discovered in ebankIT before version 7. Document Object Model based XSS exists within the /Security/Transactions/Transactions.aspx endpoint. Users can supply their own JavaScript within the...
Vulnerabilities fixed in Oracle Financial Services Applications
Vulnerabilities have been fixed in Oracle Financial Services Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User righ...
Vulnerabilities fixed in Oracle Financial Services Applications
Oracle has fixed vulnerabilities in the following Financial Services applications: - Oracle Banking Deposits and Lines of Credit Servicing - Oracle Banking Enterprise Default Management - Oracle Banking Loans Servicing - Oracle Banking Party Management - Oracle Banking Payments - Oracle Banking...
Vulnerabilities fixed in Oracle Financial Services Applications
Oracle has fixed vulnerabilities in the following Oracle Financial Services Applications products: Financial Services Analytical Applications Infrastructure FLEXCUBE Investor Servicing FLEXCUBE Private Banking Banking Platform Financial Services Behavior Detection Platform Financial Services...
Grupo Crk Banking Business Platform Cross-Site Scripting Vulnerability
Grupo Crk Banking Business Platform is a business management software from Grupo Crk, Portugal. A cross-site scripting vulnerability exists in CRK Business Platform version 2019.1 and prior versions, which stems from the application lacking proper validation of client-side data CRK, IDContratante...
Grupo Crk Banking Business Platform SQL Injection Vulnerability
Grupo Crk Banking Business Platform is a business management software from Grupo Crk, Portugal. A SQL injection vulnerability exists in CRK Business Platform version 2019.1 and prior versions that stems from allowing SQL statements to be injected into the database using the strSessao parameter...
FasterXML Jackson-databind Deserialization Multiple Remote Code Execution Vulnerabilities
Description FasterXML Jackson-databind is prone to multiple remote-code execution vulnerabilities. Successfully exploiting these issues allow attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Jackson-databi...
FasterXML Jackson-databind Polymorphic Deserialization Multiple Security Vulnerability
Description FasterXML Jackson-databind is prone to multiple security vulnerabilities. Successfully exploiting these issues may allow an attacker to execute arbitrary code, bypass certain security restrictions, perform unauthorized actions or obtain potentially sensitive information. Failed exploi...
SQL Injection Vulnerability in Process Banking Infrastructure Platform of Beijing Yinsan Gold Service Technology Co.
The basic platform of process bank is to take the process as the object of IT system implementation, intending to build a commercial bank "assembly line" work platform, according to the product, business line, the process of IT curing, optimization, and ultimately build a complete set of IT syste...
OWASP AntiSamy CVE-2017-14735 Cross Site Scripting Vulnerability
Description OWASP AntiSamy is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the...
Novell NetIQ Sentinel CVE-2016-1000031 Remote Code Execution Vulnerability
Description Novell NetIQ Sentinel is prone to a security vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Novell NetIQ Sentinel version 7.4x are vulnerable. Technologies Affected Apache Commons FileUpload 1.0...