
4195 matches found

IBM Security Bulletins
added 2019/08/02 11:45 a.m., 24 views

Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential cross-site scripting (XSS) vulnerability (CVE-2018-15494)

Summary Financial Transaction Manager for Digital Payments FTM DP for Multi-Platform has addressed the following vulnerability. A potential cross-site scripting vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...

CVSS 9.8, AI score 0.3, EPSS 0.02611
Exploits: 2, Affected Software: 1

NVD
added 2019/07/31 6:15 p.m., 21 views

CVE-2019-3958

Insufficient output sanitization in WallacePOS 1.4.3 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks via a crafted sales transaction...

CVSS 5.4, AI score 5.1, EPSS 0.00855
Exploits: 1, References: 1

OSV
added 2019/07/31 6:15 p.m., 15 views

CVE-2019-3958

Insufficient output sanitization in WallacePOS 1.4.3 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks via a crafted sales transaction...

CVSS 5.4, AI score 5.5
Exploits: 0, References: 1

IBM Security Bulletins
added 2019/07/31 5:15 p.m., 21 views

Security Bulletin: Financial Transaction Manager for Corporate Payment Services for Multi-Platform v2.1.1 is affected by a potential cross-site scripting (XSS) vulnerability (CVE-2018-15494)

Summary Financial Transaction Manager for Corporate Payment Services for Multi-Platform FTM CPS has addressed the following vulnerability. A potential cross-site scripting vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

CVSS 9.8, AI score 0.6, EPSS 0.02611
Exploits: 2, Affected Software: 1

IBM Security Bulletins
added 2019/07/29 4:16 p.m., 20 views

Security Bulletin: Vulnerability in IBM Java Runtime affect Financial Transaction Manager for Digital Payments

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by Financial Transaction Manager for Digital Payments. Financial Transaction Manager for Digital Payments FTM DP has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-2684 DESCRIPTION: An unspecifi...

CVSS 5.9, AI score 1.3, EPSS 0.37618
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2019/07/29 4:4 p.m., 34 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Digital Payments

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by Financial Transaction Manager for Digital Payments. Financial Transaction Manager for Digital Payments FTM DP has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-1890 DESCRIPTION: I...

CVSS 9.8, AI score 1.3, EPSS 0.02744
Exploits: 1, Affected Software: 1

OSV
added 2019/07/29 12:15 p.m., 1 views

DEBIAN-CVE-2019-14379

SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup, leading to remote code execution...

CVSS 9.8, AI score 7.8, EPSS 0.08045
Exploits: 0, References: 1

IBM Security Bulletins
added 2019/07/26 12:5 a.m., 18 views

Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential SQL Injection vulnerability (CVE-2019-4032)

Summary Financial Transaction Manager for Digital Payments FTM DP for Multi-Platform has addressed the following vulnerability. A potential blind SQL injection on a web service. Vulnerability Details CVEID: CVE-2019-4032 DESCRIPTION: IBM Financial Transaction Manager for Digital Payments for...

CVSS 9.8, AI score 0.5, EPSS 0.01551
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2019/07/26 12:5 a.m., 16 views

Security Bulletin: Financial Transaction Manager for Corporate Payment Services is affected by a potential SQL Injection vulnerability (CVE-2019-4032)

Summary IBM Financial Transaction Manager for Corporate Payment Services FTM CPS for Multi-Platform has addressed the following vulnerability. A potential Blind SQL injection on a web service. Vulnerability Details CVEID: CVE-2019-4032 DESCRIPTION: IBM Financial Transaction Manager for Digital...

CVSS 9.8, AI score 0.9, EPSS 0.01551
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2019/07/25 7:55 p.m., 12 views

Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential directory listing of internal product files vulnerability (CVE-2018-2026)

Summary Financial Transaction Manager for Digital Payments FTM DP for Multi-Platform has addressed the following vulnerability. A potential directory listing vulnerability could allow an authenticated user to obtain a directory listing of internal product files. Vulnerability Details CVEID:...

CVSS 4.3, AI score 0.3, EPSS 0.0136
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2019/07/25 7:30 p.m., 19 views

Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential cross-site scripting (XSS) vulnerability (CVE-2018-1871)

Summary Financial Transaction Manager for Digital Payments FTM DP for Multi-Platform has addressed the following vulnerability. A potential cross-site scripting vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...

CVSS 5.4, AI score 1.1, EPSS 0.00968
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2019/07/25 7:20 p.m., 20 views

Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential cross-site request forgery vulnerability (CVE-2018-1790)

Summary Financial Transaction Manager for Digital Payments FTM DP for Multi-Platform has addressed the following vulnerability. A potential cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

CVSS 8.8, AI score 1, EPSS 0.00527
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2019/07/25 7:0 p.m., 20 views

Security Bulletin: Financial Transaction Manager for Digital Payments: Information Leakage in configuration listing (CVE-2018-1670)

Summary IBM Financial Transaction Manager for Digital Payments FTM DP for Multi-Platform could allow an authenticated user to obtain sensitive product configuration information from log files. Vulnerability Details CVEID: CVE-2018-1670 DESCRIPTION: IBM Financial Transaction Manager for ACH Servic...

CVSS 4.3, AI score 0.6, EPSS 0.01208
Exploits: 0, Affected Software: 1

Veracode
added 2019/07/18 5:59 a.m., 12 views

Cross-site Scripting (XSS)

grumpydictator/firefly-iii is vulnerable to cross-site scripting XSS. The attack is possible because it does not escape the user provided data in budget name, allowing an attacker to inject malicious script in a transaction to get executed on the tags/show/$tagnumber$ tag summary page...

CVSS 5.4, AI score 5.2, EPSS 0.00762
Exploits: 1, References: 4, Affected Software: 1

Vulnrichment
added 2019/07/18 2:17 a.m., 10 views

CVE-2019-13644

Firefly III before 4.7.17.1 is vulnerable to stored XSS due to lack of filtration of user-supplied data in a budget name. The JavaScript code is contained in a transaction, and is executed on the tags/show/$tagnumber$ tag summary page. NOTE: It is asserted that an attacker must have the same acce...

AI score 6, EPSS 0.00762
Exploits: 1, References: 2

IBM Security Bulletins
added 2019/07/12 7:45 p.m., 28 views

Security Bulletin: Vulnerability in IBM Java Runtime affect Financial Transaction Manager for ACH Services for Multi-Platform

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 7 or Version 8 by Financial Transaction Manager for ACH Services for Multi-Platform FTM ACH. Financial Transaction Manager for ACH Services for Multi-Platform has addressed the applicable CVE. Vulnerability Details CVEID:...

CVSS 5.9, AI score 2.4, EPSS 0.37618
Exploits: 0, Affected Software: 1

NVD
added 2019/07/11 9:15 p.m., 31 views

CVE-2018-17196

In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses transaction/idempotent ACL validation. Only authenticated clients with Write permission on the respective topics are able to exploit this vulnerability. Users should upgrade to...

CVSS 8.8, AI score 6.8, EPSS 0.05479
Exploits: 0, References: 11

IBM Security Bulletins
added 2019/07/11 1:5 p.m., 21 views

Security Bulletin: Path Traversal exposure in the Save/Export function of the FTM OAC

Summary The "Save/Export" function available on all search result displays tabulated results is potentially vulnerable to a Path Traversal type attack. Vulnerability Details CVEID: CVE-2018-1847 DESCRIPTION: IBM Financial Transaction Manager FTM for Multi-Platform MP could allow a remote attacker...

CVSS 6.5, AI score 2.2, EPSS 0.0205
Exploits: 0, Affected Software: 1

Kitploit
added 2019/07/09 10:11 p.m., 76 views

Regipy - An OS Independent Python Library For Parsing Offline Registry Hives

Regipy is a python library for parsing offline registry hives. regipy has a lot of capabilities: Use as a library: Recurse over the registry hive, from root or a given path and get all subkeys and values Read specific subkeys and values Apply transaction logs on a registry hive Command Line Tools...

AI score 7.3
Exploits: 0, References: 2

IBM Security Bulletins
added 2019/06/28 3:45 p.m., 13 views

Security Bulletin: Financial Transaction Manager for ACH Services is affected by a potential cross-site request forgery vulnerability (CVE-2018-1790)

Summary IBM Financial Transaction Manager for ACH Services FTM ACH for Multi-Platform has addressed the following vulnerability. A potential cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

CVSS 8.8, AI score 1.7, EPSS 0.00527
Exploits: 0, Affected Software: 1