CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2016-0274
https://notcve.org/view.php?id=CVE-2016-0274
09 Mar 2018 — IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to conduct clickjacking attacks via a crafted web site. IBM X-Force ID: 111076. IBM Financial Transaction Manager (FTM) for ACH Services f... • http://www-01.ibm.com/support/docview.wss?uid=swg21977245 • CWE-254: 7PK - Security Features •
CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 0CVE-2016-0275
https://notcve.org/view.php?id=CVE-2016-0275
09 Mar 2018 — IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows local users to obtain sensitive information via vectors related to cacheable HTTPS responses. IBM Financial Transaction Manager (FTM) for ACH Services for ... • http://www-01.ibm.com/support/docview.wss?uid=swg21977245 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0276
https://notcve.org/view.php?id=CVE-2016-0276
09 Mar 2018 — IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object. IBM X-Force ID: 111084. IBM Financial ... • http://www-01.ibm.com/support/docview.wss?uid=swg21977245 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-1606
https://notcve.org/view.php?id=CVE-2017-1606
11 Dec 2017 — IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 132926. IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) en versiones 3.0.0.0 hasta la 3.0.0.7 es vulnerable a una inyección SQL. Un atacante remoto podría enviar instrucciones SQL especialmente man... • http://www.ibm.com/support/docview.wss?uid=swg22011179 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 48EXPL: 0CVE-2017-1160
https://notcve.org/view.php?id=CVE-2017-1160
17 Apr 2017 — IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 122892. IBM Financial Transaction Manager para ACH Services para Multi-Platform 3.0.0.x es vulnerable a las secuencias de comandos entre sitios. Esta vulnerabilidad permite a los usuari... • http://www.ibm.com/support/docview.wss?uid=swg22001574 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.7EPSS: 0%CPEs: 47EXPL: 0CVE-2016-3060
https://notcve.org/view.php?id=CVE-2016-3060
29 Oct 2016 — Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site. Payments Director en IBM Financial Transaction Manager (FTM) para ACH Services, Check Services y Corporate Payment Services (CPS) 3.0.0.x en versiones anteriores a fp0015 y 3.0.1.0 en versiones anteriores a iFix0002 permite a usuarios remot... • http://www-01.ibm.com/support/docview.wss?uid=swg1PI64063 • CWE-284: Improper Access Control •
CVSS: 5.4EPSS: 0%CPEs: 47EXPL: 0CVE-2016-5920
https://notcve.org/view.php?id=CVE-2016-5920
29 Oct 2016 — Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financial Transaction Manager (FTM) for ACH Services 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la Web UI en IBM Financial Transaction Manager (FTM) para ACH Services 3.0.0.x en versiones anteriores a fp0015 y 3.0.1.0 en versiones anteriores a iFix0002 permite a usuarios remotos autenticados inyectar secuencias de coma... • http://www-01.ibm.com/support/docview.wss?uid=swg1PI67537 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0231
https://notcve.org/view.php?id=CVE-2016-0231
15 Feb 2016 — IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading exception details in error logs. IBM Financial Transaction Manager (FTM) para ACH Services, Check Services y Corporate Payment Services (CPS) 3.0.0 en versiones anteriores a FP12 permite a usuarios remotos autenticados obtener información sensible mediante la lectura de detalles de excepción en logs de err... • http://www-01.ibm.com/support/docview.wss?uid=swg1PI56757 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 36EXPL: 0CVE-2016-0232
https://notcve.org/view.php?id=CVE-2016-0232
15 Feb 2016 — IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading README files. IBM Financial Transaction Manager (FTM) para ACH Services, Check Services y Corporate Payment Services (CPS) 3.0.0 en versiones anteriores a FP12 permite a usuarios remotos autenticados obtener información sensible mediante la lectura de archivos README. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI56757 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 0CVE-2014-8917
https://notcve.org/view.php?id=CVE-2014-8917
28 Jan 2015 — Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used in IBM Social Media Analytics 1.3 before IF11 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de XSS en (1) dojox/form/resources/uploader.swf (tamb... • http://secunia.com/advisories/62590 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •