Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-5653 | 1 Misys | 1 Fusioncapital Opics Plus | 2016-11-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Plus allow remote authenticated users to execute arbitrary SQL commands via the (1) ID or (2) Branch parameter. | |||||
CVE-2016-5654 | 1 Misys | 1 Fusioncapital Opics Plus | 2016-11-28 | 8.5 HIGH | 7.5 HIGH |
Misys FusionCapital Opics Plus allows remote authenticated users to gain privileges via a man-in-the-middle attack that modifies the xmlMessageOut parameter. | |||||
CVE-2016-5655 | 1 Misys | 1 Fusioncapital Opics Plus | 2016-11-28 | 4.3 MEDIUM | 5.9 MEDIUM |
Misys FusionCapital Opics Plus does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. |