PT-2000-1145 · Microsoft · Site Server 3.0 Commerce Edition
Published 2000-02-18 · Updated 2018-10-12 · CVE-2000-0161
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Microsoft Site Server 3.0 Commerce Edition
Description
The issue concerns sample web sites on Microsoft Site Server 3.0 Commerce Edition that do not validate an identification number. This lack of validation allows remote attackers to execute SQL commands.
Recommendations
For Microsoft Site Server 3.0 Commerce Edition, ensure that all identification numbers are properly validated to prevent the execution of unauthorized SQL commands. As a temporary workaround, consider restricting access to sensitive database operations until a proper validation mechanism is implemented.
Fix
Related Identifiers
Affected Products
Site Server 3.0 Commerce Edition