CVE-2014-3041
IBM Emptoris Contract Management is affected by CVE-2014-3041, a SQL injection vulnerability in 9.5.x before 9.5.0.6 iFix 10; 10.0.0.x before 10.0.0.1 iFix 10; 10.0.1.x before 10.0.1.4; and 10.0.2.x before 10.0.2.2 iFix 2. Remote authenticated users can execute arbitrary SQL commands via unspecif...