Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
financial transaction manager vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-39066
IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session identifier gives an attacker the opportunity to steal authenticated sessions. IBM X-Force ID: 215040.
Ibm Financial Transaction Manager 3.2.4
6.4
CVSSv2
CVE-2020-5003
IBM Financial Transaction Manager 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192956.
Ibm Financial Transaction Manager 3.2.4
4.3
CVSSv2
CVE-2020-4560
IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Ibm Financial Transaction Manager 3.2.4.0
4
CVSSv2
CVE-2018-1847
IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) v2.0.0.0 up to and including 2.0.0.5, v2.1.0.0 up to and including 2.1.0.4, v2.1.1.0 up to and including 2.1.1.4, and v3.0.0.0 up to and including 3.0.0.8 could allow a remote malicious user to traverse directories o...
Ibm Financial Transaction Manager For Multiplatform
4.3
CVSSv2
CVE-2019-4742
IBM Financial Transaction Manager 3.0 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly l...
Ibm Financial Transaction Manager For Multiplatform 3.0.0.0
4.3
CVSSv2
CVE-2019-4743
IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to t...
Ibm Financial Transaction Manager For Multiplatform 3.0.0.0
6.5
CVSSv2
CVE-2020-4328
IBM Financial Transaction Manager 3.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 177839.
Ibm Financial Transaction Manager For Multiplatform 3.2.4
NA
CVE-2022-43871
IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...
Ibm Financial Transaction Manager For Multiplatform 3.2.4
4.3
CVSSv2
CVE-2019-4736
IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172706.
Ibm Financial Transaction Manager For Multiplatform 3.0.0.0
4.3
CVSSv2
CVE-2020-4905
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an remote malicious user to obtain sensitive information, caused by a man in the middle attack. By SSL striping, an attacker could exploit this vulnerability to obtain sensitive information.
Ibm Financial Transaction Manager For Multiplatform 3.2.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »