47 matches found
CVE-2021-28126
index.jsp in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a Stored cross-site scripting XSS vulnerability...
CVE-2021-28126
index.jsp in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a Stored cross-site scripting XSS vulnerability...
Code injection
/exec in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a vulnerability in its XML parser...
Cross site scripting
index.jsp in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a Stored cross-site scripting XSS vulnerability...
CVE-2021-28109
TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...
CVE-2021-28109
TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...
Cross site scripting
TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...
CVE-2021-28126
The CVE-2021-28126 entry concerns TranzWare e-Commerce Payment Gateway (TWEC PG) prior to version 3.1.27.5, where index.jsp contains a stored XSS vulnerability. This is documented across multiple connected records (Red Hat, NVD, CVE lists, and regional advisories) and is specific to the TWEC PG’s...
CVE-2021-28126
index.jsp in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a Stored cross-site scripting XSS vulnerability...
CVE-2021-28110
/exec in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a vulnerability in its XML parser...
CVE-2021-28110
CVE-2021-28110 affects TranzWare e-Commerce Payment Gateway (TWEC PG) prior to version 3.1.27.5, due to a vulnerability in its XML parser. The issue is described without exploitation details in the provided sources, with CVSSv3.1 base score 7.5 (Network attack, no privileges required, high availa...
CVE-2021-28109
TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...
CVE-2021-28109
The CVE-2021-28109 issue affects TranzWare (POI) FIMI prior to version 4.2.20.4.2, where login_tw.php is vulnerable to reflected Cross-Site Scripting. Root cause is a reflected XSS in login_tw.php. Impact is typical XSS exposure; details on exploitation are not provided. Remediation: upgrade to 4...
Compass Plus e-Commerce Payment Gateway 代码问题漏洞
Compass Plus e-Commerce Payment Gateway is an application interface of the Russian company Compass Plus. It provides an API interface for payment functions. A security vulnerability exists in TranzWare e-Commerce Payment Gateway before 3.1.27.5, which is caused by a vulnerability in the XML parse...
Compass Plus Compass TranzWare 跨站脚本漏洞
Compass Plus Compass TranzWare is an application of the Russian company Compass Plus. It provides a debit card transaction functionality. A cross-site scripting vulnerability exists in TranzWare POI FIMI before 4.2.20.4.2, which originates in logintw.php...
Compassplus TranzWare Payment Gateway Cross-Site Scripting Vulnerability (CNVD-2020-66082)
Compassplus TranzWare Payment Gateway is a software from Compassplus UK that can provide payment services. A security vulnerability exists in TranzWare Payment Gateway version 3.1.12.3.2, which can be exploited by an attacker to execute arbitrary HTML code via a crafted url...
Compassplus TranzWare Payment Gateway Cross-Site Scripting Vulnerability
Compassplus TranzWare Payment Gateway is a software from Compassplus UK that can provide payment services. A security vulnerability exists in Compassplus TranzWare Payment Gateway version 3.1.12.3.2, which can be exploited by an attacker to execute arbitrary HTML code via a crafted url...
CVE-2020-28415
A reflected cross-site scripting XSS vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url different vector than CVE-2020-28414...
CVE-2020-28414
A reflected cross-site scripting XSS vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url different vector than CVE-2020-28415...
CVE-2020-28414
A reflected cross-site scripting XSS vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url different vector than CVE-2020-28415...