Snitz Forums 2000
Sign in to watchCVEs (24)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2006-2959 | 0.00 | — | 0.01 | Jun 12, 2006 | SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the %strCookieURL%.GROUP parameter in a cookie. | ||
| CVE-2003-0493 | 0.00 | — | 0.00 | Aug 7, 2003 | Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID. | ||
| CVE-2003-0494 | 0.00 | — | 0.01 | Aug 7, 2003 | password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id. | ||
| CVE-2003-0286 | 0.00 | — | 0.01 | Jun 16, 2003 | SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable. |
Page 2 of 2