Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-0897 | 1 Ibm | 1 Websphere Partner Gateway | 2017-08-16 | 4.0 MEDIUM | N/A |
IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the "schema DB2 instance id" and the bcgarchive (aka the archiver script). | |||||
CVE-2009-2093 | 1 Ibm | 1 Websphere Partner Gateway | 2017-08-16 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in the console in IBM WebSphere Partner Gateway (WPG) Enterprise 6.0 before FP8, 6.1 before FP3, 6.1.1 before FP2, and 6.2 before FP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2009-0440 | 1 Ibm | 1 Websphere Partner Gateway | 2017-08-07 | 6.5 MEDIUM | N/A |
IBM WebSphere Partner Gateway (WPG) 6.0.0 through 6.0.0.7 does not properly handle failures of signature verification, which might allow remote authenticated users to submit a crafted RosettaNet (aka RNIF) document to a backend application, related to (1) "altered service content" and (2) "digital signature foot-print." |