16 matches found
EUVD-2018-6756
Malware in sbrugna...
CVE-2024-55517
An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session...
CVE-2024-55517
An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session...
Polaris Intellect Core Banking SQL注入漏洞
Polaris Intellect Core Banking is an application from Polaris, Inc. A security vulnerability exists in Polaris Intellect Core Banking version 9.5, which stems from input passed via the groupType parameter in /SCGController being incorrectly processed before being used in an SQL query...
CVE-2024-55517
An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session...
CVE-2018-14930
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. CSRF can occur via a /CollatWebApp/gcmsRefInsert?name=SUPP URI...
CVE-2018-14874
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. Input passed through the code parameter in three pages as collaterals/colexe3t.jsp and /references/refsuppu.jsp and /references/refbranu.jsp is mishandled before being used in SQL queries, allowing SQL injecti...
CVE-2018-14931
An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI...
CVE-2018-14931
An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI...
Sql injection
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. Input passed through the code parameter in three pages as collaterals/colexe3t.jsp and /references/refsuppu.jsp and /references/refbranu.jsp is mishandled before being used in SQL queries, allowing SQL injecti...
Cross site request forgery (csrf)
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. CSRF can occur via a /CollatWebApp/gcmsRefInsert?name=SUPP URI...
CVE-2018-14930
The CVE-2018-14930 entry concerns the Polaris FT Intellect Core Banking 9.7.1 Armor module where a CSRF vulnerability can be triggered via the URI /CollatWebApp/gcmsRefInsert?name=SUPP. The incident is documented in multiple sources (NVD, CVE pages, and Prion/CVELIST records) with consistent desc...
CVE-2018-14930
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. CSRF can occur via a /CollatWebApp/gcmsRefInsert?name=SUPP URI...
CVE-2018-14931
Polarisft Intellect Core Banking Software Version 9.7.1 contains an open redirect in the Core and Portal modules reachable via /IntellectMain.jsp?IntellectSystem=. The open redirect could allow an attacker to redirect users to a malicious site, enabling phishing or credential-stealing scenarios. ...
Intellect Design Arena Intellect Core banking software cross-site scripting vulnerability
Intellect Design Arena Intellect Core banking software is a banking management system from Intellect Design Arena India. A cross-site scripting vulnerability exists in Intellect Design Arena Intellect Core banking software. A remote attacker can exploit this vulnerability to execute arbitrary JS...
Intellect Core Cross Site Scripting
Credits: Mayank Sahu + Email: [email protected] Vendor: ==================== Intellect Design Arena Polaris Product: =================== Intellect Core banking software Armar module Vulnerability Type: ========================== Cross site scripting - XSS CVE Reference: ==============...