Vulnerabilities > IBM > Security Siteprotector System

DATE CVE VULNERABILITY TITLE RISK
2015-05-25 CVE-2015-0161 SQL Injection vulnerability in IBM Security Siteprotector System
SQL injection vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
ibm CWE-89
6.5
6.5
2015-05-25 CVE-2015-0160 Permissions, Privileges, and Access Controls vulnerability in IBM Security Siteprotector System
IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to execute arbitrary commands with SYSTEM privileges via unspecified vectors.
network
low complexity
ibm CWE-264
critical
 9.0
9.0