Lucene search
K

47 matches found

NVD
NVD
added 2021/03/19 4:15 a.m.14 views

CVE-2021-28126

index.jsp in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a Stored cross-site scripting XSS vulnerability...

6.1CVSS0.00624EPSS
Exploits0References1
OSV
OSV
added 2021/03/19 4:15 a.m.3 views

CVE-2021-28126

index.jsp in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a Stored cross-site scripting XSS vulnerability...

6.1CVSS6.3AI score0.00624EPSS
Exploits0References1
Prion
Prion
added 2021/03/19 4:15 a.m.11 views

Code injection

/exec in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a vulnerability in its XML parser...

5CVSS7.5AI score0.00978EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/03/19 4:15 a.m.17 views

Cross site scripting

index.jsp in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a Stored cross-site scripting XSS vulnerability...

4.3CVSS5.9AI score0.00624EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2021/03/19 3:15 a.m.17 views

CVE-2021-28109

TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...

6.1CVSS0.0071EPSS
Exploits0References2
OSV
OSV
added 2021/03/19 3:15 a.m.4 views

CVE-2021-28109

TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...

6.1CVSS6.4AI score0.0071EPSS
Exploits0References2
Prion
Prion
added 2021/03/19 3:15 a.m.10 views

Cross site scripting

TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...

4.3CVSS6AI score0.0071EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/03/19 3:7 a.m.63 views

CVE-2021-28126

The CVE-2021-28126 entry concerns TranzWare e-Commerce Payment Gateway (TWEC PG) prior to version 3.1.27.5, where index.jsp contains a stored XSS vulnerability. This is documented across multiple connected records (Red Hat, NVD, CVE lists, and regional advisories) and is specific to the TWEC PG’s...

6.1CVSS5.9AI score0.00624EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/03/19 3:7 a.m.18 views

CVE-2021-28126

index.jsp in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a Stored cross-site scripting XSS vulnerability...

6.1AI score0.00624EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/03/19 3:1 a.m.21 views

CVE-2021-28110

/exec in TranzWare e-Commerce Payment Gateway TWEC PG before 3.1.27.5 had a vulnerability in its XML parser...

7.7AI score0.00978EPSS
Exploits0References1
CVE
CVE
added 2021/03/19 3:1 a.m.63 views

CVE-2021-28110

CVE-2021-28110 affects TranzWare e-Commerce Payment Gateway (TWEC PG) prior to version 3.1.27.5, due to a vulnerability in its XML parser. The issue is described without exploitation details in the provided sources, with CVSSv3.1 base score 7.5 (Network attack, no privileges required, high availa...

7.5CVSS7.5AI score0.00978EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/03/19 2:56 a.m.28 views

CVE-2021-28109

TranzWare POI FIMI before 4.2.20.4.2 allows logintw.php reflected Cross-Site Scripting XSS...

6.3AI score0.0071EPSS
Exploits0References2
CVE
CVE
added 2021/03/19 2:56 a.m.62 views

CVE-2021-28109

The CVE-2021-28109 issue affects TranzWare (POI) FIMI prior to version 4.2.20.4.2, where login_tw.php is vulnerable to reflected Cross-Site Scripting. Root cause is a reflected XSS in login_tw.php. Impact is typical XSS exposure; details on exploitation are not provided. Remediation: upgrade to 4...

6.1CVSS6AI score0.0071EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/03/19 12:0 a.m.4 views

Compass Plus e-Commerce Payment Gateway 代码问题漏洞

Compass Plus e-Commerce Payment Gateway is an application interface of the Russian company Compass Plus. It provides an API interface for payment functions. A security vulnerability exists in TranzWare e-Commerce Payment Gateway before 3.1.27.5, which is caused by a vulnerability in the XML parse...

7.5CVSS7.3AI score0.00978EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/03/18 12:0 a.m.4 views

Compass Plus Compass TranzWare 跨站脚本漏洞

Compass Plus Compass TranzWare is an application of the Russian company Compass Plus. It provides a debit card transaction functionality. A cross-site scripting vulnerability exists in TranzWare POI FIMI before 4.2.20.4.2, which originates in logintw.php...

6.1CVSS5.9AI score0.0071EPSS
Exploits0References3
CNVD
CNVD
added 2020/11/23 12:0 a.m.3 views

Compassplus TranzWare Payment Gateway Cross-Site Scripting Vulnerability (CNVD-2020-66082)

Compassplus TranzWare Payment Gateway is a software from Compassplus UK that can provide payment services. A security vulnerability exists in TranzWare Payment Gateway version 3.1.12.3.2, which can be exploited by an attacker to execute arbitrary HTML code via a crafted url...

6.1CVSS7.4AI score0.01077EPSS
Exploits0References1
CNVD
CNVD
added 2020/11/23 12:0 a.m.3 views

Compassplus TranzWare Payment Gateway Cross-Site Scripting Vulnerability

Compassplus TranzWare Payment Gateway is a software from Compassplus UK that can provide payment services. A security vulnerability exists in Compassplus TranzWare Payment Gateway version 3.1.12.3.2, which can be exploited by an attacker to execute arbitrary HTML code via a crafted url...

6.1CVSS7.4AI score0.01077EPSS
Exploits0References1
NVD
NVD
added 2020/11/12 8:15 p.m.22 views

CVE-2020-28415

A reflected cross-site scripting XSS vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url different vector than CVE-2020-28414...

6.1CVSS6AI score0.01077EPSS
Exploits0References2
NVD
NVD
added 2020/11/12 8:15 p.m.22 views

CVE-2020-28414

A reflected cross-site scripting XSS vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url different vector than CVE-2020-28415...

6.1CVSS6AI score0.01077EPSS
Exploits0References2
OSV
OSV
added 2020/11/12 8:15 p.m.4 views

CVE-2020-28414

A reflected cross-site scripting XSS vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url different vector than CVE-2020-28415...

6.1CVSS6.6AI score0.01077EPSS
Exploits0References2
Rows per page
Query Builder