CVE-2023-49880

all versions

In the Message Entry and Repair (MER) facility of IBM Financial Transaction Manager for SWIFT Services 3.2.4 the sending address a

7.5HIGH

CVE-2023-35892

all versions

IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when pro

7.1HIGH

CVE-2020-4556

>= 3.2.0 and < 3.2.11

IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored lo

4.0MEDIUM

CVE-2020-5002

>= 3.2.0 and < 3.2.11

IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to im

4.3MEDIUM

CVE-2020-5026

>= 3.2.0.0 and <= 3.2.7

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could allow a remote attacker to obt

4.3MEDIUM

CVE-2020-5001

>= 3.2.0 and <= 3.2.7

IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An atta

4.3MEDIUM

CVE-2022-43875

all versions

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional

6.2MEDIUM

CVE-2022-43872

all versions

IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unau

5.3MEDIUM

CVE-2019-4575

>= 3.2.0 and <= 3.2.9

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A re

9.8CRITICAL

CVE-2021-39066

all versions

IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session identifier gives an attacker the opportun

8.8HIGH

CVE-2021-39044

all versions

IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malic

8.8HIGH

CVE-2021-29841

all versions

IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary

5.4MEDIUM

CVE-2020-5000

all versions

IBM Financial Transaction Manager 3.2.0 through 3.2.8 is vulnerable to cross-site scripting. This vulnerability allows users to em

5.4MEDIUM

CVE-2020-5003

all versions

IBM Financial Transaction Manager 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A

9.1CRITICAL

CVE-2020-4555

all versions

IBM Financial Transaction Manager 3.0.6 and 3.1.0 does not invalidate session after logout which could allow an authenticated user

5.4MEDIUM

CVE-2020-4560

all versions

IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary

6.1MEDIUM

CVE-2018-1790

>= 3.0.2.0 and <= 3.0.2.1

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2 is vulnerable to cross-site request forgery which

4.3MEDIUM

CVE-2019-4032

>= 3.1.0.0 and <= 3.1.0.3

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker

9.8CRITICAL

CVE-2018-2026

all versions

IBM Financial Transaction Manager 3.2.1 for Digital Payments could allow an authenticated user to obtain a directory listing of in

4.3MEDIUM

CVE-2018-1871

all versions

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.0, 3.0.2, and 3.0.5 is vulnerable to cross-site scri

5.4MEDIUM

CVE-2018-1819

all versions

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2, 3.0.4, 3.0.6, and 3.2.0 is vulnerable to SQL inje

6.3MEDIUM

CVE-2018-1670

all versions

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive

3.1LOW

CVE-2018-1393

all versions

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.6 could allow an authenticated user to execute a special

3.1LOW

CVE-2018-1390

all versions

IBM Financial Transaction Manager for Check Services for Multi-Platform 3.0, 3.0.2, and 3.0.2.1 is vulnerable to cross-site script

5.4MEDIUM

CVE-2016-0276

>= 3.0.0.0 and <= 3.0.0.12

IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transacti

6.3MEDIUM

CVE-2016-0275

>= 3.0.0.0 and <= 3.0.0.12

IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transacti

3.3LOW

CVE-2016-0274

>= 3.0.0.0 and <= 3.0.0.12

IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transacti

5.4MEDIUM

CVE-2016-0272

>= 3.0.0.0 and <= 3.0.0.12

Cross-site request forgery (CSRF) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1

8.0HIGH

CVE-2016-0268

>= 3.0.0.0 and <= 3.0.0.12

XML external entity (XXE) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and

4.3MEDIUM

CVE-2016-0253

>= 3.0.0.0 and <= 3.0.0.12

Cross-site scripting (XSS) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 an

5.4MEDIUM

CVE-2018-1392

all versions

IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute

3.1LOW

CVE-2018-1391

all versions

IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute

6.5MEDIUM

CVE-2017-1758

all versions

IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1, IBM Financial Transaction M

7.1HIGH

CVE-2017-1606

all versions

IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection. A remote a

8.8HIGH

CVE-2017-1538

all versions

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive

6.5MEDIUM

CVE-2017-1160

all versions

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerab

5.4MEDIUM

CVE-2017-1152

all versions

IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a us

4.3MEDIUM

CVE-2016-5920

all versions

Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financial Transaction Manager (FTM) for ACH Services 3.0.0.x before

5.4MEDIUM

CVE-2016-3060

all versions

Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS

5.7MEDIUM

CVE-2016-0232

all versions

IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 al

4.3MEDIUM

CVE-2016-0231

all versions

IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 al

4.3MEDIUM

CVE-2014-8917

all versions

Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/reso

CVE-2014-0833

all versions

The OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 does not properly enforce operator-intervention re

CVE-2014-0832

all versions

Multiple cross-site scripting (XSS) vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transac

CVE-2014-0831

all versions

Cross-site request forgery (CSRF) vulnerability in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3

CVE-2014-0830

all versions

Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager (FT