2000-03-22 05:00:00
mitre
PUBLISHED
Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification number, which allows remote attackers to execute SQL commands.