IBM » Websphere Commerce Suite : Security Vulnerabilities, CVEs, Published In 2009 (Information Leak)
The (1) Net.Commerce and (2) Net.Data components in IBM WebSphere Commerce Suite store sensitive information under the web root with insufficient access control, which allows remote attackers to discover passwords, and database and filesystem details, via direct requests for configuration files.
Max CVSS
5.0
EPSS Score
0.16%
Published
2009-08-24
Updated
2017-08-17
1 vulnerabilities found