19 matches found
CVE-2026-27584 ActualBudget server is Missing Authentication for SimpleFIN and Pluggy AI bank sync endpoints
Actual is a local-first personal finance tool. Prior to version 26.2.1, missing authentication middleware in the ActualBudget server component allows any unauthenticated user to query the SimpleFIN and Pluggy.ai integration endpoints and read sensitive bank account balance and transaction...
EUVD-2017-1573
Malware in sbrugna...
CVE-2017-1000443
Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser...
Truist bank confirms data breach
On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name "Sp1d3r" offered a significant amount of data allegedly stolen from Truist Bank for sale. Truist is a US bank holding company and operates 2,781 branches in 15 states and Washington DC. By assets...
Revamped Qbot Trojan Packs New Punch: Hijacks Email Threads
Attacks attributed to the Qbot trojan, known as the “Swiss Army knife” of malware, are on the uptick with a reported 100,000 recent infections, according to researchers. Qbot, an ever-evolving information-stealing trojan that’s been around since 2008, has shifted tactics again and adopted a bevy ...
CVE-2019-7755
In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection...
Sql injection
In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection...
CVE-2019-7755
In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection...
CVE-2019-7755
CVE-2019-7755 affects webERP 4.15 where the Import Bank Transactions function fails to sanitize MT940 files, enabling arbitrary SQL queries (SQL Injection). Root cause: missing input validation in the MT940 importer. Impact: high (per CVSS3.1), with potential leakage/modification of data and disr...
Eleix Openhacker bank transactions component cross-site scripting vulnerability
Eleix Openhacker is an open source code hosting system. bank transactions component is one of the business management component. A cross-site scripting vulnerability exists in the bank transactions component of Eleix Openhacker version 0.1.47. A remote attacker can exploit this vulnerability to...
CVE-2017-1000443
Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser...
CVE-2017-1000443
Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser...
Cross site scripting
Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser...
CVE-2017-1000443
The CVE-2017-1000443 entry concerns Eleix Openhacker version 0.1.47, with a Cross-Site Scripting (XSS) vulnerability in the bank transactions component. The issue enables arbitrary code execution in the browser when the vulnerable bank transactions functionality is processed, as described in the ...
CVE-2017-1000443
Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser...
NSA Intelligence Agency spies on International Credit Card Transactions including Visa
"The truth is coming, and it cannot be stopped", Edward Snowden. The National Security Agency isn't just snooping into phone and online communications. It also appears to be keeping a close eye on credit card transactions. New reports published by Der Spiegel exposed that The National Security...
NSA Intelligence Agency spies on International Credit Card Transactions including Visa
"The truth is coming, and it cannot be stopped", Edward Snowden. The National Security Agency isn’t just snooping into phone and online communications. It also appears to be keeping a close eye on credit card transactions. New reports published by Der Spiegel exposed that The National Security...
MyBB Bank Transactions 2.0 SQL Injection
Exploit Title: MyBB Bank Transactions Plugin SQL Injection Google Dork: inurl:bank.php?transactions= Date: 13.12.2012 Exploit Author: limb0 Vendor Homepage: http://mods.mybb.com/view/transactions Software Link: www.kingofpersia.ir Version: 2.0 Category:Web Security Tested on: Linux...
Specialized Trojan can stealing credit card details from hotel
Specialized Trojan can stealing credit card details from hotel The next time you check in to a hotel, a cybercriminal could be checking you out. A remote access computer Trojan RAT designed to steal credit card details from hotel point-of-sale PoS applications is being sold on the underground...