Skip to main content

Fusioncapital Opics Plus

3 CVEs product

Monthly

CVE-2016-5655 MEDIUM This Month

Misys FusionCapital Opics Plus does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fusioncapital Opics Plus
NVD
CVSS 3.0
5.9
EPSS
0.1%
CVE-2016-5654 HIGH This Week

Misys FusionCapital Opics Plus allows remote authenticated users to gain privileges via a man-in-the-middle attack that modifies the xmlMessageOut parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fusioncapital Opics Plus
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2016-5653 MEDIUM This Month

Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Plus allow remote authenticated users to execute arbitrary SQL commands via the (1) ID or (2) Branch parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Fusioncapital Opics Plus
NVD
CVSS 3.0
6.5
EPSS
0.3%
EPSS 0% CVSS 5.9
MEDIUM This Month

Misys FusionCapital Opics Plus does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fusioncapital Opics Plus
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Misys FusionCapital Opics Plus allows remote authenticated users to gain privileges via a man-in-the-middle attack that modifies the xmlMessageOut parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fusioncapital Opics Plus
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Plus allow remote authenticated users to execute arbitrary SQL commands via the (1) ID or (2) Branch parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Fusioncapital Opics Plus
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy