Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 11:25 a.m.4 views

CVE-2021-28109

TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...

6.1CVSS6.4AI score0.0024EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-14811

Malware in sbrugna...

6.1CVSS6.3AI score0.0024EPSS
Exploits0References3
NVD
NVDadded 2022/02/14 8:15 p.m.13 views

CVE-2021-43106

A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the...

6.1CVSS0.00238EPSS
Exploits1References1
Prion
Prionadded 2022/02/14 8:15 p.m.10 views

Design/Logic Flaw

A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the...

5.8CVSS6.4AI score0.00238EPSS
Exploits1References1Affected Software2
Cvelist
Cvelistadded 2022/02/14 7:48 p.m.12 views

CVE-2021-43106

A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the...

6.6AI score0.00238EPSS
Exploits1References1
CVE
CVEadded 2022/02/14 7:48 p.m.83 views

CVE-2021-43106

CVE-2021-43106 affects Compass Plus TranzWare Online FIMI Web Interface (TWO) version 5.3.33.3 F38 and FIMI 4.2.19.4. The root cause is improper validation/escaping of the HTTP Host header, leading the server to trust the Host header and redirect requests to a different Domain/IP. Documented impa...

6.1CVSS6.3AI score0.00238EPSS
Exploits1References1Affected Software2
OSV
OSVadded 2021/03/19 3:15 a.m.2 views

CVE-2021-28109

TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...

6.1CVSS6.4AI score
Exploits0References2
Prion
Prionadded 2021/03/19 3:15 a.m.7 views

Cross site scripting

TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...

4.3CVSS6AI score0.0024EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2021/03/19 2:56 a.m.55 views

CVE-2021-28109

The CVE-2021-28109 issue affects TranzWare (POI) FIMI prior to version 4.2.20.4.2, where login_tw.php is vulnerable to reflected Cross-Site Scripting. Root cause is a reflected XSS in login_tw.php. Impact is typical XSS exposure; details on exploitation are not provided. Remediation: upgrade to 4...

6.1CVSS6AI score0.0024EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2021/03/19 2:56 a.m.14 views

CVE-2021-28109

TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...

6.3AI score0.0024EPSS
Exploits0References2
CNNVD
CNNVDadded 2021/03/18 12:0 a.m.1 views

Compass Plus Compass TranzWare 跨站脚本漏洞

Compass Plus Compass TranzWare is an application of the Russian company Compass Plus. It provides a debit card transaction functionality. A cross-site scripting vulnerability exists in TranzWare POI FIMI before 4.2.20.4.2, which originates in logintw.php...

6.1CVSS5.9AI score0.0024EPSS
Exploits0References3
Rows per page
Query Builder