Vulnerabilities (CVE)

Filtered by vendor Matera Subscribe

Filtered by product Banco

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-14927	1 Matera	1 Banco	2018-10-02	5.0 MEDIUM	5.3 MEDIUM
Matera Banco 1.0.0 is vulnerable to path traversal (allowing access to system files outside the default application folder) via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp.
CVE-2018-14929	1 Matera	1 Banco	2018-10-02	4.3 MEDIUM	6.1 MEDIUM
Matera Banco 1.0.0 is vulnerable to multiple reflected XSS, as demonstrated by the /contingency/web/index.jsp (aka home page) url parameter.
CVE-2018-14924	1 Matera	1 Banco	2018-10-02	4.3 MEDIUM	6.1 MEDIUM
Matera Banco 1.0.0 is vulnerable to multiple stored XSS, as demonstrated by the sca/privilegio/consultarUsuario.jsf "Nome Completo" (aka user fullname) field.