RSS   Vulnerabilities for 'Fusioncapital opics plus'   RSS

2016-07-19
 
CVE-2016-5655

 

 
Misys FusionCapital Opics Plus does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate.

 
 
CVE-2016-5654

 

 
Misys FusionCapital Opics Plus allows remote authenticated users to gain privileges via a man-in-the-middle attack that modifies the xmlMessageOut parameter.

 
 
CVE-2016-5653

 

 
Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Plus allow remote authenticated users to execute arbitrary SQL commands via the (1) ID or (2) Branch parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top