cbcvebase.

Polarisft Intellect Core Banking vulnerabilities

4 known vulnerabilities affecting polarisft/intellect_core_banking.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2018-14931P3MEDIUMCVSS 6.1PoCv9.7.12019-04-30
CVE-2018-14931 [MEDIUM] CWE-601 CVE-2018-14931: An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. A An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI.
nvd
CVE-2018-14874P3HIGHCVSS 8.8v9.7.12019-04-30
CVE-2018-14874 [HIGH] CWE-89 CVE-2018-14874: An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. Input passed An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. Input passed through the code parameter in three pages as collaterals/colexe3t.jsp and /references/refsuppu.jsp and /references/refbranu.jsp is mishandled before being used in SQL queries, allowing SQL injection with an authenticated session.
nvd
CVE-2018-14930P4HIGHCVSS 8.8v9.7.12019-04-30
CVE-2018-14930 [HIGH] CWE-352 CVE-2018-14930: An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. CSRF can occ An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. CSRF can occur via a /CollatWebApp/gcmsRefInsert?name=SUPP URI.
nvd
CVE-2018-14875P4MEDIUMCVSS 5.4v9.7.12019-04-30
CVE-2018-14875 [MEDIUM] CWE-79 CVE-2018-14875: An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. R An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. Reflected XSS exists with an authenticated session via the Customerid, formName, FrameId, or MODE parameter.
nvd
Polarisft Intellect Core Banking vulnerabilities | cvebase