VYPR
Unrated severityNVD Advisory· Published May 3, 2001· Updated Jun 16, 2026

CVE-2001-0319

CVE-2001-0319

Description

orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

21
  • IBM/Net.commerce11 versions
    cpe:2.3:a:ibm:net.commerce:2.0:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:ibm:net.commerce:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:net.commerce:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:net.commerce:3.1.1:*:pro:*:*:*:*:*
    • cpe:2.3:a:ibm:net.commerce:3.1.1:*:start:*:*:*:*:*
    • cpe:2.3:a:ibm:net.commerce:3.1.2:*:pro:*:*:*:*:*
    • cpe:2.3:a:ibm:net.commerce:3.1.2:*:start:*:*:*:*:*
    • cpe:2.3:a:ibm:net.commerce:3.1:*:pro:*:*:*:*:*
    • cpe:2.3:a:ibm:net.commerce:3.1:*:start:*:*:*:*:*
    • cpe:2.3:a:ibm:net.commerce:3.2:*:pro:*:*:*:*:*
    • cpe:2.3:a:ibm:net.commerce:3.2:*:start:*:*:*:*:*
    • (no CPE)range: 3.x
  • cpe:2.3:a:ibm:net.commerce_hosting_server:3.1.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:net.commerce_hosting_server:3.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:net.commerce_hosting_server:3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:net.commerce_hosting_server:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_commerce_suite:3.1.2:*:service_provider:*:*:*:*:*+ 6 more
    • cpe:2.3:a:ibm:websphere_commerce_suite:3.1.2:*:service_provider:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce_suite:3.2:*:service_provider:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce_suite:4.1.1:*:pro:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce_suite:4.1.1:*:start:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce_suite:4.1:*:marketplace:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce_suite:4.1:*:pro:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce_suite:4.1:*:start:*:*:*:*:*

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.