Total
46 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4560 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2018-1790 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 148944. | |||||
| CVE-2018-2026 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Financial Transaction Manager 3.2.1 for Digital Payments could allow an authenticated user to obtain a directory listing of internal product files. IBM X-Force ID: 155552. | |||||
| CVE-2018-1670 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive product configuration information from log files. IBM X-Force ID: 144946. | |||||
| CVE-2019-4032 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-ForceID: 155998. | |||||
| CVE-2018-1819 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2, 3.0.4, 3.0.6, and 3.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-force ID: 150023. | |||||
| CVE-2018-1871 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.0, 3.0.2, and 3.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 151329. | |||||
| CVE-2016-0253 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110562. | |||||
| CVE-2018-1392 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 3.5 LOW | 3.1 LOW |
| IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. IBM X-Force ID: 138377. | |||||
| CVE-2016-0268 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| XML external entity (XXE) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 110915. | |||||
| CVE-2016-0274 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to conduct clickjacking attacks via a crafted web site. IBM X-Force ID: 111076. | |||||
| CVE-2018-1393 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.6 could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. IBM X-Force ID: 138378. | |||||
| CVE-2016-0276 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 6.5 MEDIUM | 6.3 MEDIUM |
| IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object. IBM X-Force ID: 111084. | |||||
| CVE-2016-0272 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 6.0 MEDIUM | 8.0 HIGH |
| Cross-site request forgery (CSRF) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors. IBM X-Force ID: 111052. | |||||
| CVE-2017-1758 | 1 Ibm | 3 Control Center, Financial Transaction Manager, Transformation Extender Advanced | 2024-02-28 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1, IBM Financial Transaction Manager 3.0.2, 3.0.3, 3.0.4, and 3.1.0, IBM Transformation Extender Advanced 9.0) is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 135859. | |||||
| CVE-2016-0275 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 2.1 LOW | 3.3 LOW |
| IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows local users to obtain sensitive information via vectors related to cacheable HTTPS responses. | |||||
| CVE-2018-1391 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could cause a denial of service. IBM X-Force ID: 138376. | |||||
| CVE-2018-1390 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| IBM Financial Transaction Manager for Check Services for Multi-Platform 3.0, 3.0.2, and 3.0.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138221. | |||||
| CVE-2017-1606 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 132926. | |||||
| CVE-2017-1538 | 1 Ibm | 1 Financial Transaction Manager | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive information from an undocumented URL. IBM X-Force ID: 130735. | |||||