CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2009-2093
https://notcve.org/view.php?id=CVE-2009-2093
SQL injection vulnerability in the console in IBM WebSphere Partner Gateway (WPG) Enterprise 6.0 before FP8, 6.1 before FP3, 6.1.1 before FP2, and 6.2 before FP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en la consola en IBM WebSphere Partner Gateway (WPG) Enterprise v6.0 anteriores a FP8, v6.1 anteriores a FP3, v6.1.1 anteriores a FP2, y v6.2 anteriores FP1 permite a los usuarios remotos autenticados ejecutar arbitrariamente comandos SQL a través de vectores no especificados. • http://secunia.com/advisories/36295 http://www-01.ibm.com/support/docview.wss?uid=swg21382117 http://www-1.ibm.com/support/docview.wss?uid=swg1JR32386 http://www-1.ibm.com/support/docview.wss?uid=swg1JR32607 http://www-1.ibm.com/support/docview.wss?uid=swg1JR32608 http://www-1.ibm.com/support/docview.wss? • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •