VYPR

Financial Transaction Manager

by IBM

CVEs (55)

  • CVE-2017-1606HigDec 11, 2017
    risk 0.57cvss 8.8epss 0.01

    IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end…

  • CVE-2017-1758HigFeb 21, 2018
    risk 0.46cvss 7.1epss 0.02

    IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1, IBM Financial Transaction Manager 3.0.2, 3.0.3, 3.0.4, and 3.1.0, IBM Transformation Extender Advanced 9.0) is vulnerable to a XML External Entity Injection (XXE) attack when…

  • CVE-2018-1391MedFeb 22, 2018
    risk 0.42cvss 6.5epss 0.01

    IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could cause a denial of service. IBM X-Force ID: 138376.

  • CVE-2017-1538MedOct 10, 2017
    risk 0.42cvss 6.5epss 0.01

    IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive information from an undocumented URL. IBM X-Force ID: 130735.

  • CVE-2018-1819MedOct 4, 2018
    risk 0.41cvss 6.3epss 0.02

    IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2, 3.0.4, 3.0.6, and 3.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in…

  • CVE-2025-33135MedFeb 17, 2026
    risk 0.40cvss 6.1epss 0.00

    IBM Financial Transaction Manager for ACH Services and Check Services for Multi-Platform 3.0.0.0 through 3.0.5.4 Interim Fix 027 IBM Financial Transaction Manager for Check Services v3 (Multiplatforms) is vulnerable to cross-site scripting. This vulnerability allows an…

  • CVE-2016-3060MedOct 29, 2016
    risk 0.37cvss 5.7epss 0.01

    Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.

  • CVE-2018-1390MedMar 30, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Financial Transaction Manager for Check Services for Multi-Platform 3.0, 3.0.2, and 3.0.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to…

  • CVE-2017-1160MedApr 17, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2016-5920MedOct 29, 2016
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financial Transaction Manager (FTM) for ACH Services 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2017-1152MedApr 14, 2017
    risk 0.28cvss 4.3epss 0.01

    IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. IBM X-Force ID: 122293.

  • CVE-2016-0232MedFeb 15, 2016
    risk 0.28cvss 4.3epss 0.01

    IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading README files.

  • CVE-2016-0231MedFeb 15, 2016
    risk 0.28cvss 4.3epss 0.01

    IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading exception details in error logs.

  • CVE-2018-1670LowOct 4, 2018
    risk 0.20cvss 3.1epss 0.01

    IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive product configuration information from log files. IBM X-Force ID: 144946.

  • CVE-2018-1393LowJun 13, 2018
    risk 0.20cvss 3.1epss 0.01

    IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.6 could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. IBM X-Force ID: 138378.

  • CVE-2018-1392LowFeb 22, 2018
    risk 0.20cvss 3.1epss 0.01

    IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. IBM X-Force ID: 138377.

  • CVE-2024-49349Jan 31, 2025
    risk 0.00cvss epss 0.00

    IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality…

  • CVE-2024-49339Jan 31, 2025
    risk 0.00cvss epss 0.00

    IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality…

  • CVE-2023-49880Dec 25, 2023
    risk 0.00cvss epss 0.01

    In the Message Entry and Repair (MER) facility of IBM Financial Transaction Manager for SWIFT Services 3.2.4 the sending address and the message type of FIN messages are assumed to be immutable. However, an attacker might modify these elements of a business transaction. IBM…

  • CVE-2023-35892Sep 4, 2023
    risk 0.00cvss epss 0.01

    IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: …

Page 1 of 3