IBM Websphere/NetCommerce3 3.1.2 allows remote malicious users to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere application server 5.1.0.3 |
||
ibm net.commerce 3.1.2 |