Forums 2000
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-2959 | 0.00 | — | 0.01 | Jun 12, 2006 | SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the %strCookieURL%.GROUP parameter in a cookie. | |||
| CVE-2003-0493 | 0.00 | — | 0.02 | Aug 7, 2003 | Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID. | |||
| CVE-2003-0494 | 0.00 | — | 0.04 | Aug 7, 2003 | password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id. | |||
| CVE-2003-0286 | 0.00 | — | 0.02 | Jun 16, 2003 | SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable. |
- CVE-2006-2959Jun 12, 2006risk 0.00cvss —epss 0.01
SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the %strCookieURL%.GROUP parameter in a cookie.
- CVE-2003-0493Aug 7, 2003risk 0.00cvss —epss 0.02
Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID.
- CVE-2003-0494Aug 7, 2003risk 0.00cvss —epss 0.04
password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id.
- CVE-2003-0286Jun 16, 2003risk 0.00cvss —epss 0.02
SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable.
Page 2 of 2