Vulnerabilities > IBM > Websphere Commerce Suite > 3.1.2

DATE CVE VULNERABILITY TITLE RISK
2001-09-19 CVE-2001-0962 Unspecified vulnerability in IBM products
IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing.
network
low complexity
ibm
7.5
2001-05-03 CVE-2001-0319 Unspecified vulnerability in IBM products
orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability.
network
low complexity
ibm
7.5