CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0329

HIGH
7.5
CVSS Severity Score
EPSS Score0.1350%
EPSS Percentile23.03th
PublishedJun 25, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.

Affected Platforms (CPE)

πŸ“¦
Snitz Communications

Snitz Forums 2000

= 3.0
πŸ“¦
Snitz Communications

Snitz Forums 2000

= 3.1
πŸ“¦
Snitz Communications

Snitz Forums 2000

= 3.2.03
πŸ“¦
Snitz Communications

Snitz Forums 2000

= 3.3
πŸ“¦
Snitz Communications

Snitz Forums 2000

= 3.3.01
πŸ“¦
Snitz Communications

Snitz Forums 2000

= 3.3.02

References & Advisories

πŸ”— http://forum.snitz.com/forum/link.asp?TOPIC_ID=23660
πŸ”— http://marc.info/?l=bugtraq&m=101485184605149&w=2
πŸ”— http://online.securityfocus.com/archive/1/258981
πŸ”— http://www.iss.net/security_center/static/8309.php
πŸ”— http://www.kb.cert.org/vuls/id/132011
πŸ”— http://www.securityfocus.com/bid/4192
πŸ”— http://forum.snitz.com/forum/link.asp?TOPIC_ID=23660
πŸ”— http://marc.info/?l=bugtraq&m=101485184605149&w=2

Related Vulnerabilities

CVE-2006-56039.8

SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands ...

CVE-2002-06077.5

members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection ...

CVE-2003-02867.5

SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote att...

CVE-2007-10237.5

SQL injection vulnerability in pop_profile.asp in Snitz Forums 2000 3.1 SR4 allows remote attackers to execute arbitrary SQL comma...