CyberSec.Space Logo
Back to CVE Browser

CVE-2003-0494

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0290%
EPSS Percentile3.96th
PublishedAug 7, 2003
Last ModifiedApr 16, 2026

Vulnerability Description

password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id.

Affected Platforms (CPE)

πŸ“¦
Snitz Communications

Snitz Forums 2000

= 3.4.03

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=105578322012128&w=2
πŸ”— http://www.securityfocus.com/bid/7925
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/12326
πŸ”— http://marc.info/?l=bugtraq&m=105578322012128&w=2
πŸ”— http://www.securityfocus.com/bid/7925
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/12326

Related Vulnerabilities

CVE-2006-56039.8

SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands ...

CVE-2003-02867.5

SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote att...

CVE-2002-03297.5

Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as ...

CVE-2002-06077.5

members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection ...