Unrated severityNVD Advisory· Published Jun 12, 2006· Updated Apr 16, 2026

CVE-2006-2959

Description

SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the %strCookieURL%.GROUP parameter in a cookie.

Affected products

Snitz Communications/Snitz Forums 200010 versions
cpe:2.3:a:snitz_communications:snitz_forums_2000:3.0:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:snitz_communications:snitz_forums_2000:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:snitz_communications:snitz_forums_2000:3.1:sr4:*:*:*:*:*:*
- cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.03:*:*:*:*:*:*:*
- cpe:2.3:a:snitz_communications:snitz_forums_2000:3.4.02:*:*:*:*:*:*:*
- cpe:2.3:a:snitz_communications:snitz_forums_2000:3.4.03:*:*:*:*:*:*:*
- cpe:2.3:a:snitz_communications:snitz_forums_2000:3.4.04:*:*:*:*:*:*:*
- cpe:2.3:a:snitz_communications:snitz_forums_2000:3.4.05:*:*:*:*:*:*:*
- cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.01:*:*:*:*:*:*:*
- cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.02:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kapda.ir/advisory-343.htmlnvdExploitVendor Advisory
forum.snitz.com/forum/topic.aspnvd
securityreason.com/securityalert/1075nvd
securitytracker.com/idnvd
www.securityfocus.com/archive/1/436702/100/0/threadednvd
www.securityfocus.com/bid/18362nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27080nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000