46 matches found
CVE-2021-28109
TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...
CVE-2021-28110
/exec in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a vulnerability in its XML parser...
EUVD-2021-14811
Malware in sbrugna...
EUVD-2021-14826
Malware in sbrugna...
EUVD-2020-20873
Malware in sbrugna...
EUVD-2021-14812
Malware in sbrugna...
EUVD-2020-20874
Malware in sbrugna...
EUVD-2021-30057
Malicious code in bioql PyPI...
CVE-2021-43106
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the...
CVE-2021-28126
index.jsp in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a Stored cross-site scripting XSS vulnerability...
CVE-2020-28414
A reflected cross-site scripting XSS vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url different vector than CVE-2020-28415...
CVE-2021-43106
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the...
CVE-2021-43106
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the...
Design/Logic Flaw
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the...
CVE-2021-43106
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the...
CVE-2021-43106
CVE-2021-43106 affects Compass Plus TranzWare Online FIMI Web Interface (TWO) version 5.3.33.3 F38 and FIMI 4.2.19.4. The root cause is improper validation/escaping of the HTTP Host header, leading the server to trust the Host header and redirect requests to a different Domain/IP. Documented impa...
Compass Plus e-Commerce Payment Gateway 安全漏洞
Compass Plus e-Commerce Payment Gateway is an application interface of the Russian company Compass Plus. It provides an API interface for payment functions. A security vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25,...
CVE-2021-28110
/exec in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a vulnerability in its XML parser...
CVE-2021-28110
/exec in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a vulnerability in its XML parser...
CVE-2021-28126
index.jsp in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a Stored cross-site scripting XSS vulnerability...