GCVE - cpe:2.3:a:w2b:online_banking:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:w2b:online_banking:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	W2B (`f4bd83bb-a319-51f3-a730-9c566d95a6a7`)
Product	Online Banking (`02a657b5-61e3-5bce-8a5c-6fab28192279`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-1893`	vulnerable	2026-06-08 04:50:22.169107	Details available PHP remote file inclusion vulnerability in index.php in W2B Online Banking allows remote attackers to execute arbitrary PHP code via a URL in the ilang parameter. Published: 2008-04-18T22:00:00.000Z Updated: 2024-08-07T08:40:59.849Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=120829213903472&w=2 http://www.securityfocus.com/bid/28796 https://exchange.xforce.ibmcloud.com/vulnerabilities/41931	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-3175`	vulnerable	2026-06-08 04:49:53.394392	Details available Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via (1) the draft parameter to mailer.w2b or (2) the listDocPay parameter to DocPay.w2b. Published: 2007-06-11T22:00:00.000Z Updated: 2024-08-07T14:05:29.185Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/34593 http://pridels-team.blogspot.com/2007/05/w2b-online-banking-vuln.html http://osvdb.org/37467 http://osvdb.org/37466	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-3174`	vulnerable	2026-06-08 04:49:53.393974	Details available Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than CVE-2006-1980. Published: 2007-06-11T22:00:00.000Z Updated: 2024-08-07T14:05:29.301Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/34594 http://osvdb.org/37465 http://pridels-team.blogspot.com/2007/05/w2b-online-banking-vuln.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1980`	vulnerable	2026-06-08 04:48:58.553591	Details available Cross-site scripting (XSS) vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the (1) query string, (2) SID parameter, or (3) ilang parameter. Published: 2006-04-21T22:00:00.000Z Updated: 2024-08-07T17:35:31.037Z Open on db.gcve.eu Reference links http://pridels0.blogspot.com/2006/04/w2b-online-banking-vuln.html http://www.vupen.com/english/advisories/2006/1445 http://www.osvdb.org/24759 http://secunia.com/advisories/19717 https://exchange.xforce.ibmcloud.com/vulnerabilities/25947	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.