4 matches found
CVE-2015-7397
The CVE-2015-7397 entry concerns IBM WebSphere Commerce’s Aurora starter store, where an open redirection vulnerability in the referrer parameter allows remote attackers to redirect users to arbitrary URLs, enabling phishing attempts. Affected software is WebSphere Commerce 7.0 through Feature Pa...
CVE-2012-3300
IBM WebSphere Commerce 7.0 before 7.0.0.6, when persistent sessions and personalization IDs are enabled, allows remote attackers to cause a denial of service resource consumption via unspecified vectors...
CVE-2012-3300
IBM WebSphere Commerce 7.0 before 7.0.0.6, when persistent sessions and personalization IDs are enabled, allows remote attackers to cause a denial of service resource consumption via unspecified vectors...
Information disclosure
IBM WebSphere Commerce 7.0 does not properly encrypt data in a database, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms...