CVE-2010-2635
published 2010-11-09CVE-2010-2635: SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified…
medium6.5CVSS 3.1
AVNACLAuSCPIPAP
SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified parameters to "Commerce Organization Admin Console JavaServer pages."
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | websphere_commerce | — | — |
| ibm | websphere_commerce | — | — |
| ibm | websphere_commerce | — | — |
| ibm | websphere_commerce | — | — |
| ibm | websphere_commerce | — | — |
| ibm | websphere_commerce | — | — |
| ibm | websphere_commerce | — | — |
| ibm | websphere_commerce | — | — |
| ibm | websphere_commerce | — | — |