Snitz Forums 2000 Security Vulnerabilities and Issues — Snitz Forums 2000 CVE List

Lucene search

Snitz CommunicationsSnitz Forums 2000

5 matches found

CVE•added 2003/06/16 4:0 a.m.•50 views

CVE-2003-0286

SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable.

7.5CVSS7.8AI score0.01226EPSS

CVE•added 2003/08/07 4:0 a.m.•39 views

CVE-2003-0493

Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID.

10CVSS6.9AI score0.00461EPSS

CVE•added 2003/08/07 4:0 a.m.•39 views

CVE-2003-0494

password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id.

10CVSS6.8AI score0.00933EPSS

CVE•added 2003/04/02 5:0 a.m.•36 views

CVE-2002-0329

Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.

7.5CVSS7AI score0.237EPSS

CVE•added 2003/08/07 4:0 a.m.•32 views

CVE-2003-0492

Cross-site scripting (XSS) vulnerability in search.asp for Snitz Forums 3.4.03 and earlier allows remote attackers to execute arbitrary web script via the Search parameter.

6.8CVSS6.3AI score0.00519EPSS