CVE-2025-36148

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.15 IBM Financial Transaction Manager SWIFT is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the...

CVE-2021-39066

IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session identifier gives an attacker the opportunity to steal authenticated sessions. IBM X-Force ID: 215040...

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms Information Disclosure Vulnerability (CNVD-2020-73015)

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms is a financial transaction manager product from IBM, USA. The product is primarily used for monitoring, tracking and reporting financial payments and transactions. An information disclosure vulnerability exists in IBM Financi...

CVE-2020-4906

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to be stored locally which can be read by another user on the system...

CVE-2019-4743

IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link...

CVE-2019-4032

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-ForceID: 155998...

CVE-2018-1670

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive product configuration information from log files. IBM X-Force ID: 144946...

CVE-2018-1819

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2, 3.0.4, 3.0.6, and 3.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end databas...

CVE-2016-0272

Cross-site request forgery CSRF vulnerability in IBM Financial Transaction Manager FTM for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager FTM for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manage...

CVE-2017-1606

IBM Financial Transaction Manager FTM for Multi-Platform MP 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID:...

CVE-2017-1160

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

CVE-2016-0232

IBM Financial Transaction Manager FTM for ACH Services, Check Services and Corporate Payment Services CPS 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading README files...