Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1687 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2023-12-10 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the location parameter. | |||||
| CVE-2002-0607 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2023-12-10 | 7.5 HIGH | N/A |
| members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL. | |||||
| CVE-2003-0492 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2023-12-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp for Snitz Forums 3.4.03 and earlier allows remote attackers to execute arbitrary web script via the Search parameter. | |||||
| CVE-2003-0286 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2023-12-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable. | |||||
| CVE-2003-0494 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2023-12-10 | 10.0 HIGH | N/A |
| password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id. | |||||