IBM » Websphere Commerce Suite : Security Vulnerabilities, CVEs, CVSS score >= 6
IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing.
Max CVSS
7.5
EPSS Score
1.58%
Published
2001-09-19
Updated
2017-10-10
orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability.
Max CVSS
7.5
EPSS Score
0.82%
Published
2001-05-03
Updated
2017-10-10
2 vulnerabilities found