Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Websphere Partner Gateway
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-2093 1 Ibm 1 Websphere Partner Gateway 2024-11-21 6.5 MEDIUM N/A
SQL injection vulnerability in the console in IBM WebSphere Partner Gateway (WPG) Enterprise 6.0 before FP8, 6.1 before FP3, 6.1.1 before FP2, and 6.2 before FP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-0897 1 Ibm 1 Websphere Partner Gateway 2024-11-21 4.0 MEDIUM N/A
IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the "schema DB2 instance id" and the bcgarchive (aka the archiver script).
CVE-2009-0440 1 Ibm 1 Websphere Partner Gateway 2024-11-21 6.5 MEDIUM N/A
IBM WebSphere Partner Gateway (WPG) 6.0.0 through 6.0.0.7 does not properly handle failures of signature verification, which might allow remote authenticated users to submit a crafted RosettaNet (aka RNIF) document to a backend application, related to (1) "altered service content" and (2) "digital signature foot-print."