The (1) Net.Commerce and (2) Net.Data components in IBM WebSphere Commerce Suite store sensitive information under the web root with insufficient access control, which allows remote malicious users to discover passwords, and database and filesystem details, via direct requests for configuration files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere commerce suite |