← CVECheck
HomeVulnerabilities

CVE-2003-0118 — HIGH severity vulnerability (SQL injection vulnerability in the Document Tracking and Adm)

SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to (1) rawdocdata.asp or (2) RawCustomSearchField.asp containing an embedded SQL statement.

CVE IDCVE-2003-0118
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2003-05-12
Last modified2026-04-16
DescriptionSQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to (1) rawdocdata.asp or (2) RawCustomSearchField.asp containing an embedded SQL statement.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →