Lucene search
K

19 matches found

Cvelist
Cvelist
added 2026/02/24 2:59 p.m.21 views

CVE-2026-27584 ActualBudget server is Missing Authentication for SimpleFIN and Pluggy AI bank sync endpoints

Actual is a local-first personal finance tool. Prior to version 26.2.1, missing authentication middleware in the ActualBudget server component allows any unauthenticated user to query the SimpleFIN and Pluggy.ai integration endpoints and read sensitive bank account balance and transaction...

9.2CVSS0.00395EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-1573

Malware in sbrugna...

6.1CVSS6.3AI score0.01056EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 5:30 a.m.3 views

CVE-2017-1000443

Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser...

6.1CVSS7.3AI score0.01056EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2024/06/14 4:29 p.m.73 views

Truist bank confirms data breach

On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name "Sp1d3r" offered a significant amount of data allegedly stolen from Truist Bank for sale. Truist is a US bank holding company and operates 2,781 branches in 15 states and Washington DC. By assets...

7.7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/08/27 11:14 a.m.18 views

Revamped Qbot Trojan Packs New Punch: Hijacks Email Threads

Attacks attributed to the Qbot trojan, known as the “Swiss Army knife” of malware, are on the uptick with a reported 100,000 recent infections, according to researchers. Qbot, an ever-evolving information-stealing trojan that’s been around since 2008, has shifted tactics again and adopted a bevy ...

Exploits0References8
OSV
OSV
added 2020/03/30 5:15 p.m.12 views

CVE-2019-7755

In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection...

8.8CVSS7.6AI score
Exploits0References3
Prion
Prion
added 2020/03/30 5:15 p.m.18 views

Sql injection

In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection...

6.5CVSS8.9AI score0.0213EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2020/03/30 4:49 p.m.23 views

CVE-2019-7755

In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection...

9AI score0.0213EPSS
Exploits1References3
CVE
CVE
added 2020/03/30 4:49 p.m.52 views

CVE-2019-7755

CVE-2019-7755 affects webERP 4.15 where the Import Bank Transactions function fails to sanitize MT940 files, enabling arbitrary SQL queries (SQL Injection). Root cause: missing input validation in the MT940 importer. Impact: high (per CVSS3.1), with potential leakage/modification of data and disr...

8.8CVSS8.9AI score0.0213EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2018/01/08 12:0 a.m.3 views

Eleix Openhacker bank transactions component cross-site scripting vulnerability

Eleix Openhacker is an open source code hosting system. bank transactions component is one of the business management component. A cross-site scripting vulnerability exists in the bank transactions component of Eleix Openhacker version 0.1.47. A remote attacker can exploit this vulnerability to...

6.1CVSS7AI score0.01056EPSS
Exploits0References1
NVD
NVD
added 2018/01/02 2:29 p.m.17 views

CVE-2017-1000443

Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser...

6.1CVSS6.5AI score0.01056EPSS
Exploits0References2
OSV
OSV
added 2018/01/02 2:29 p.m.18 views

CVE-2017-1000443

Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser...

6.1CVSS6.6AI score
Exploits0References2
Prion
Prion
added 2018/01/02 2:29 p.m.18 views

Cross site scripting

Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser...

4.3CVSS6.4AI score0.01056EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/01/02 2:0 p.m.44 views

CVE-2017-1000443

The CVE-2017-1000443 entry concerns Eleix Openhacker version 0.1.47, with a Cross-Site Scripting (XSS) vulnerability in the bank transactions component. The issue enables arbitrary code execution in the browser when the vulnerable bank transactions functionality is processed, as described in the ...

6.1CVSS6.4AI score0.01056EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/01/02 2:0 p.m.21 views

CVE-2017-1000443

Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser...

6.5AI score0.01056EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2013/09/15 3:45 p.m.13 views

NSA Intelligence Agency spies on International Credit Card Transactions including Visa

"The truth is coming, and it cannot be stopped", Edward Snowden. The National Security Agency isn't just snooping into phone and online communications. It also appears to be keeping a close eye on credit card transactions. New reports published by Der Spiegel exposed that The National Security...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2013/09/15 4:45 a.m.33 views

NSA Intelligence Agency spies on International Credit Card Transactions including Visa

"The truth is coming, and it cannot be stopped", Edward Snowden. The National Security Agency isn’t just snooping into phone and online communications. It also appears to be keeping a close eye on credit card transactions. New reports published by Der Spiegel exposed that The National Security...

6.5AI score
Exploits0
Packet Storm
Packet Storm
added 2012/12/18 12:0 a.m.46 views

MyBB Bank Transactions 2.0 SQL Injection

Exploit Title: MyBB Bank Transactions Plugin SQL Injection Google Dork: inurl:bank.php?transactions= Date: 13.12.2012 Exploit Author: limb0 Vendor Homepage: http://mods.mybb.com/view/transactions Software Link: www.kingofpersia.ir Version: 2.0 Category:Web Security Tested on: Linux...

Exploits0
The Hacker News
The Hacker News
added 2012/04/21 6:41 p.m.9 views

Specialized Trojan can stealing credit card details from hotel

Specialized Trojan can stealing credit card details from hotel The next time you check in to a hotel, a cybercriminal could be checking you out. A remote access computer Trojan RAT designed to steal credit card details from hotel point-of-sale PoS applications is being sold on the underground...

6.7AI score
Exploits0
Rows per page
Query Builder