VYPR
Unrated severityNVD Advisory· Published Nov 9, 2010· Updated Jun 16, 2026

CVE-2010-2635

CVE-2010-2635

Description

SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified parameters to "Commerce Organization Admin Console JavaServer pages."

Affected products

10
  • cpe:2.3:a:ibm:websphere_commerce:6.0.0.1:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.9:*:*:*:*:*:*:*
    • (no CPE)range: <6.0.0.10

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.