Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2001-0442

Malware in sbrugna...

5CVSS6.4AI score0.01324EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

IBM Net.Commerce 2.0/3.x/4.x orderdspc.d2w order_rn Option SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/2350/info IBM's Net.Commerce ecommerce platform supports macros which, by default, do not properly validate requests in user-supplied input. A thoughtfully-formed request to a vulnerable script can cause the server to...

7.1AI score
Exploits0
Prion
Prion
added 2009/08/24 3:30 p.m.13 views

Improper access control

The 1 Net.Commerce and 2 Net.Data components in IBM WebSphere Commerce Suite store sensitive information under the web root with insufficient access control, which allows remote attackers to discover passwords, and database and filesystem details, via direct requests for configuration files...

5CVSS6.7AI score0.01076EPSS
Exploits0References1
Cvelist
Cvelist
added 2001/05/24 4:0 a.m.22 views

CVE-2001-0446

IBM WCS WebSphere Commerce Suite 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL...

6.6AI score0.01324EPSS
Exploits0References1
securityvulns
securityvulns
added 2001/03/11 12:0 a.m.200 views

Re: Passwords in Net.Commerce/WebSphere decryptable, any version

IBM Global Services Managed Security Services Outside Advisory Redistribution 8 MAR 2001 2:11 GMT MSS-OAR-E01-2001:087.1 =========================================================================== The MSS Outside Advisory Redistribution is designed to provide customers of IBM Managed Security...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2001/02/05 12:0 a.m.46 views

IBM Net.Commerce 2.0/3.x/4.x - orderdspc.d2w order_rn Option SQL Injection

source: https://www.securityfocus.com/bid/2350/info IBM's Net.Commerce ecommerce platform supports macros which, by default, do not properly validate requests in user-supplied input. A thoughtfully-formed request to a vulnerable script can cause the server to disclose sensitive system information...

7.4AI score
Exploits0
Rows per page
Query Builder