CVE-2001-0319
orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability.
Date published : 2001-05-07
http://www.securityfocus.com/bid/2350
http://archives.neohapsis.com/archives/bugtraq/2001-02/0072.html