IBM Net.Commerce 2.0/3.x/4.x - orderdspc.d2w order_rn Option SQL Injection

source: https://www.securityfocus.com/bid/2350/info IBM's Net.Commerce ecommerce platform supports macros which, by default, do not properly validate requests in user-supplied input. A thoughtfully-formed request to a vulnerable script can cause the server to disclose sensitive system information...