Page 5 of 23 results (0.004 seconds)

CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0

SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified parameters to "Commerce Organization Admin Console JavaServer pages." Vulnerabilidad de inyección SQL en IBM WebSphere Commerce 6.0 anterior v6.0.0.10 permite a usuarios autenticados remotamente ejecutar comandos SQL de su elección a través de parámetros no especificados en "páginas Commerce Organization Admin Console JavaServer ." • http://www-01.ibm.com/support/docview.wss?uid=swg1IZ73130 https://exchange.xforce.ibmcloud.com/vulnerabilities/62951 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

Multiple unspecified vulnerabilities in IBM WebSphere Commerce 6.0 before 6.0.0.7 have unknown impact and attack vectors. Vulnerabilidad mútiple no especificada en IBM WebSphere Commerce v6.0 anteriores a v6.0.0.7 tienen un impacto desconocido y vector de ataque. • http://publib.boulder.ibm.com/infocenter/wchelp/v6r0m0/topic/com.ibm.commerce.admin.doc/refs/rig_new_and_changed.htm http://www-01.ibm.com/support/docview.wss?uid=swg24021397 http://www-1.ibm.com/support/docview.wss?uid=swg1LI74127 https://exchange.xforce.ibmcloud.com/vulnerabilities/53084 •

CVSS: 1.5EPSS: 0%CPEs: 12EXPL: 0

Unspecified vulnerability in IBM WebSphere Commerce 6.0 Enterprise before 6.0.0.8, when trace is enabled, allows local users to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en IBM WebSphere Commerce v6.0 Enterprise anteriores a v6.0.0.8, cuando Trace es habilitado, permite a usuarios locales obtener información sensible a través de vectores desconocidos. • http://publib.boulder.ibm.com/infocenter/wchelp/v6r0m0/topic/com.ibm.commerce.admin.doc/refs/rig_new_and_changed.htm http://www-1.ibm.com/support/docview.wss?uid=swg1LI74286 https://exchange.xforce.ibmcloud.com/vulnerabilities/52398 •