Vulnerabilities (CVE)

Filtered by vendor Snitz Communications Subscribe
Filtered by product Snitz Forums 2000
Total 25 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-0493 1 Snitz Communications 1 Snitz Forums 2000 2024-11-20 10.0 HIGH N/A
Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID.
CVE-2003-0492 1 Snitz Communications 1 Snitz Forums 2000 2024-11-20 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in search.asp for Snitz Forums 3.4.03 and earlier allows remote attackers to execute arbitrary web script via the Search parameter.
CVE-2003-0286 1 Snitz Communications 1 Snitz Forums 2000 2024-11-20 7.5 HIGH N/A
SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable.
CVE-2002-0607 1 Snitz Communications 1 Snitz Forums 2000 2024-11-20 7.5 HIGH N/A
members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL.
CVE-2002-0329 1 Snitz Communications 1 Snitz Forums 2000 2024-11-20 7.5 HIGH N/A
Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.