Vulnerabilities (CVE)

Filtered by vendor Misys Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-5655 1 Misys 1 Fusioncapital Opics Plus 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
Misys FusionCapital Opics Plus does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate.
CVE-2016-5654 1 Misys 1 Fusioncapital Opics Plus 2024-11-21 8.5 HIGH 7.5 HIGH
Misys FusionCapital Opics Plus allows remote authenticated users to gain privileges via a man-in-the-middle attack that modifies the xmlMessageOut parameter.
CVE-2016-5653 1 Misys 1 Fusioncapital Opics Plus 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Plus allow remote authenticated users to execute arbitrary SQL commands via the (1) ID or (2) Branch parameter.