CVE-2003-0286

SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable...

CVE-2003-0286

Snitz Forums 2000 is vulnerable to an SQL injection in register.asp: the Email parameter is not sanitized, allowing remote attackers to execute stored procedures and potentially OS commands via SQL, including stored procedures like xp_cmdshell. Affected versions include before 3.4.03 and possibly...