Vulnerabilities > IBM > Websphere Partner Gateway > 6.0.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-08-13 | CVE-2009-2093 | SQL Injection vulnerability in IBM Websphere Partner Gateway SQL injection vulnerability in the console in IBM WebSphere Partner Gateway (WPG) Enterprise 6.0 before FP8, 6.1 before FP3, 6.1.1 before FP2, and 6.2 before FP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2009-02-22 | CVE-2009-0440 | Improper Authentication vulnerability in IBM Websphere Partner Gateway IBM WebSphere Partner Gateway (WPG) 6.0.0 through 6.0.0.7 does not properly handle failures of signature verification, which might allow remote authenticated users to submit a crafted RosettaNet (aka RNIF) document to a backend application, related to (1) "altered service content" and (2) "digital signature foot-print." | 6.5 |