CyberSec.Space Logo
Back to CVE Browser

CVE-2003-0286

HIGH
7.5
CVSS Severity Score
EPSS Score0.1010%
EPSS Percentile44.33th
PublishedJun 16, 2003
Last ModifiedApr 16, 2026

Vulnerability Description

SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable.

Affected Platforms (CPE)

πŸ“¦
Snitz Communications

Snitz Forums 2000

<= 3.3.03

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0067.html
πŸ”— http://marc.info/?l=bugtraq&m=105277599131134&w=2
πŸ”— http://osvdb.org/56166
πŸ”— http://packetstormsecurity.org/0305-exploits/snitz_exec.txt
πŸ”— http://secunia.com/advisories/35733
πŸ”— http://www.securityfocus.com/bid/35764
πŸ”— http://www.securityfocus.com/bid/7549
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/11981

Related Vulnerabilities

CVE-2006-56039.8

SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands ...

CVE-2002-06077.5

members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection ...

CVE-2002-03297.5

Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as ...

CVE-2007-10237.5

SQL injection vulnerability in pop_profile.asp in Snitz Forums 2000 3.1 SR4 allows remote attackers to execute arbitrary SQL comma...