CVE-2009-2093 Information

Description

SQL injection vulnerability in the console in IBM WebSphere Partner Gateway (WPG) Enterprise 6.0 before FP8 6.1 before FP3 6.1.1 before FP2 and 6.2 before FP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Reference

http://secunia.com/advisories/36295 http://www.vupen.com/english/advisories/2009/2292 http://www-01.ibm.com/support/docview.wss?uid=swg21382117 http://www-1.ibm.com/support/docview.wss?uid=swg1JR32386 http://www-1.ibm.com/support/docview.wss?uid=swg1JR32607 http://www-1.ibm.com/support/docview.wss?uid=swg1JR32608 http://www-1.ibm.com/support/docview.wss?uid=swg1JR32609 http://www-1.ibm.com/support/docview.wss?uid=swg1JR33176 https://exchange.xforce.ibmcloud.com/vulnerabilities/52393