41 matches found
CVE-2018-14931
An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI...
CVE-2018-14930
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. CSRF can occur via a /CollatWebApp/gcmsRefInsert?name=SUPP URI...
Open redirect
An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI...
Cross site request forgery (csrf)
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. CSRF can occur via a /CollatWebApp/gcmsRefInsert?name=SUPP URI...
Sql injection
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. Input passed through the code parameter in three pages as collaterals/colexe3t.jsp and /references/refsuppu.jsp and /references/refbranu.jsp is mishandled before being used in SQL queries, allowing SQL injecti...
CVE-2018-14930
The CVE-2018-14930 entry concerns the Polaris FT Intellect Core Banking 9.7.1 Armor module where a CSRF vulnerability can be triggered via the URI /CollatWebApp/gcmsRefInsert?name=SUPP. The incident is documented in multiple sources (NVD, CVE pages, and Prion/CVELIST records) with consistent desc...
CVE-2018-14930
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. CSRF can occur via a /CollatWebApp/gcmsRefInsert?name=SUPP URI...
CVE-2018-14874
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. Input passed through the code parameter in three pages as collaterals/colexe3t.jsp and /references/refsuppu.jsp and /references/refbranu.jsp is mishandled before being used in SQL queries, allowing SQL injecti...
CVE-2018-14874
The CVE-2018-14874 entry concerns Polaris FT Intellect Core Banking 9.7.1 (Armor module). The vulnerability arises when user input passed through the code parameter on three JSP pages (collaterals/colexe3t.jsp, /references/refsuppu.jsp, /references/refbranu.jsp) is mishandled before being embedde...
CVE-2018-14875
An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. Reflected XSS exists with an authenticated session via the Customerid, formName, FrameId, or MODE parameter...
CVE-2018-14875
The CVE-2018-14875 entry applies to Polaris FT Intellect Core Banking 9.7.1 (Core and Portal modules). The issue is a Reflected XSS vulnerability that can occur within an authenticated session via the Customerid, formName, FrameId, or MODE parameters. The available references document the vulnera...
CVE-2018-14931
An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI...
CVE-2018-14931
Polarisft Intellect Core Banking Software Version 9.7.1 contains an open redirect in the Core and Portal modules reachable via /IntellectMain.jsp?IntellectSystem=. The open redirect could allow an attacker to redirect users to a malicious site, enabling phishing or credential-stealing scenarios. ...
Intellect Design Arena Intellect Core banking software cross-site scripting vulnerability
Intellect Design Arena Intellect Core banking software is a banking management system from Intellect Design Arena India. A cross-site scripting vulnerability exists in Intellect Design Arena Intellect Core banking software. A remote attacker can exploit this vulnerability to execute arbitrary JS...
CVE-2015-6540
Cross-site scripting XSS vulnerability in Intellect Design Arena Intellect Core banking software...
Cross site scripting
Cross-site scripting XSS vulnerability in Intellect Design Arena Intellect Core banking software...
CVE-2015-6540
Cross-site scripting XSS vulnerability in Intellect Design Arena Intellect Core banking software...
CVE-2015-6540
CVE-2015-6540 describes a Cross-Site Scripting (XSS) vulnerability in Intellect Design Arena Intellect Core banking software (Armar module). The connected 0day/The vulnerability details indicate an arbitrary client-side JavaScript execution capability after login via a crafted link, potentially e...
Intellect Core Cross Site Scripting Vulnerability
Intellect Core banking software suffers from a cross site scripting vulnerability. Vendor: ==================== Intellect Design Arena Polaris Product: =================== Intellect Core banking software Armar module Vulnerability Type: ========================== Cross site scripting - XSS CVE...
Intellect Core Cross Site Scripting
Credits: Mayank Sahu + Email: [email protected] Vendor: ==================== Intellect Design Arena Polaris Product: =================== Intellect Core banking software Armar module Vulnerability Type: ========================== Cross site scripting - XSS CVE Reference: ==============...