Ibm

Financial Transaction Manager

46 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2021-39066

  • EPSS 0.18%
  • Veröffentlicht 02.02.2022 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:18:32

IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session identifier gives an attacker the opportunity to steal authenticated sessions. IBM X-Force ID: 215040.

5.4

CVE-2021-29841

  • EPSS 0.21%
  • Veröffentlicht 14.09.2021 14:15:10
  • Zuletzt bearbeitet 21.11.2024 06:01:54

IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wit...

5.4

CVE-2020-5000

  • EPSS 0.26%
  • Veröffentlicht 15.06.2021 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:33:31

IBM Financial Transaction Manager 3.2.0 through 3.2.8 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials ...

9.1

CVE-2020-5003

  • EPSS 0.33%
  • Veröffentlicht 11.06.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 05:33:32

IBM Financial Transaction Manager 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-For...

5.5

CVE-2020-4555

  • EPSS 0.26%
  • Veröffentlicht 21.12.2020 18:15:15
  • Zuletzt bearbeitet 21.11.2024 05:32:53

IBM Financial Transaction Manager 3.0.6 and 3.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 183328.

6.1

CVE-2020-4560

  • EPSS 0.13%
  • Veröffentlicht 03.08.2020 13:15:12
  • Zuletzt bearbeitet 21.11.2024 05:32:54

IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wit...

8.8

CVE-2018-1790

  • EPSS 0.09%
  • Veröffentlicht 10.05.2019 15:29:02
  • Zuletzt bearbeitet 21.11.2024 04:00:22

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. I...

9.8

CVE-2019-4032

  • EPSS 0.36%
  • Veröffentlicht 05.03.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:43:03

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information i...

4.3

CVE-2018-2026

  • EPSS 0.18%
  • Veröffentlicht 23.01.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:03:36

IBM Financial Transaction Manager 3.2.1 for Digital Payments could allow an authenticated user to obtain a directory listing of internal product files. IBM X-Force ID: 155552.

5.4

CVE-2018-1871

  • EPSS 0.16%
  • Veröffentlicht 06.12.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:30

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.0, 3.0.2, and 3.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended funct...