Filtered by vendor Ibm Subscriptions
Filtered by product Financial Transaction Manager Subscriptions
Total 46 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-35892 1 Ibm 1 Financial Transaction Manager 2024-09-26 7.1 High
IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 258786.
CVE-2020-4555 1 Ibm 1 Financial Transaction Manager 2024-09-17 5.4 Medium
IBM Financial Transaction Manager 3.0.6 and 3.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 183328.
CVE-2018-1392 1 Ibm 1 Financial Transaction Manager 2024-09-17 N/A
IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. IBM X-Force ID: 138377.
CVE-2021-29841 2 Ibm, Linux 5 Aix, Financial Transaction Manager, Linux On Ibm Z and 2 more 2024-09-17 5.4 Medium
IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205045.
CVE-2019-4575 1 Ibm 1 Financial Transaction Manager 2024-09-17 9.8 Critical
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 166801.
CVE-2019-4032 1 Ibm 1 Financial Transaction Manager 2024-09-17 9.8 Critical
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-ForceID: 155998.
CVE-2020-5000 1 Ibm 1 Financial Transaction Manager 2024-09-17 5.4 Medium
IBM Financial Transaction Manager 3.2.0 through 3.2.8 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192952.
CVE-2021-39066 1 Ibm 1 Financial Transaction Manager 2024-09-17 8.8 High
IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session identifier gives an attacker the opportunity to steal authenticated sessions. IBM X-Force ID: 215040.
CVE-2018-1670 1 Ibm 1 Financial Transaction Manager 2024-09-17 N/A
IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive product configuration information from log files. IBM X-Force ID: 144946.
CVE-2021-39044 1 Ibm 1 Financial Transaction Manager 2024-09-17 8.8 High
IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 214210.
CVE-2020-4560 1 Ibm 1 Financial Transaction Manager 2024-09-17 6.1 Medium
IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2018-2026 1 Ibm 1 Financial Transaction Manager 2024-09-17 N/A
IBM Financial Transaction Manager 3.2.1 for Digital Payments could allow an authenticated user to obtain a directory listing of internal product files. IBM X-Force ID: 155552.
CVE-2018-1393 1 Ibm 1 Financial Transaction Manager 2024-09-16 N/A
IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.6 could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. IBM X-Force ID: 138378.
CVE-2018-1819 1 Ibm 1 Financial Transaction Manager 2024-09-16 N/A
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2, 3.0.4, 3.0.6, and 3.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-force ID: 150023.
CVE-2018-1391 1 Ibm 1 Financial Transaction Manager 2024-09-16 N/A
IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could cause a denial of service. IBM X-Force ID: 138376.
CVE-2018-1790 1 Ibm 1 Financial Transaction Manager 2024-09-16 N/A
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 148944.
CVE-2018-1390 1 Ibm 1 Financial Transaction Manager 2024-09-16 N/A
IBM Financial Transaction Manager for Check Services for Multi-Platform 3.0, 3.0.2, and 3.0.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138221.
CVE-2020-5003 1 Ibm 1 Financial Transaction Manager 2024-09-16 9.1 Critical
IBM Financial Transaction Manager 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192956.
CVE-2018-1871 1 Ibm 1 Financial Transaction Manager 2024-09-16 N/A
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.0, 3.0.2, and 3.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 151329.
CVE-2017-1758 1 Ibm 3 Control Center, Financial Transaction Manager, Transformation Extender Advanced 2024-09-16 N/A
IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1, IBM Financial Transaction Manager 3.0.2, 3.0.3, 3.0.4, and 3.1.0, IBM Transformation Extender Advanced 9.0) is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 135859.