Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Polarisft Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-14930 1 Polarisft 1 Intellect Core Banking 2019-05-03 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. CSRF can occur via a /CollatWebApp/gcmsRefInsert?name=SUPP URI.
CVE-2018-14875 1 Polarisft 1 Intellect Core Banking 2019-05-03 3.5 LOW 5.4 MEDIUM
An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. Reflected XSS exists with an authenticated session via the Customerid, formName, FrameId, or MODE parameter.
CVE-2018-14931 1 Polarisft 1 Intellect Core Banking 2019-05-03 5.8 MEDIUM 6.1 MEDIUM
An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI.
CVE-2018-14874 1 Polarisft 1 Intellect Core Banking 2019-05-03 6.5 MEDIUM 8.8 HIGH
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. Input passed through the code parameter in three pages as collaterals/colexe3t.jsp and /references/refsuppu.jsp and /references/refbranu.jsp is mishandled before being used in SQL queries, allowing SQL injection with an authenticated session.