CyberSec.Space Logo
Back to CVE Browser

CVE-2007-1023

HIGH
7.5
CVSS Severity Score
EPSS Score0.0450%
EPSS Percentile27.64th
PublishedFeb 21, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

SQL injection vulnerability in pop_profile.asp in Snitz Forums 2000 3.1 SR4 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected Platforms (CPE)

πŸ“¦
Snitz Communications

Snitz Forums 2000

= 3.1

References & Advisories

πŸ”— http://osvdb.org/35131
πŸ”— http://www.securityfocus.com/bid/22593
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/32543
πŸ”— https://www.exploit-db.com/exploits/3321
πŸ”— http://osvdb.org/35131
πŸ”— http://www.securityfocus.com/bid/22593
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/32543
πŸ”— https://www.exploit-db.com/exploits/3321

Related Vulnerabilities

CVE-2006-56039.8

SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands ...

CVE-2003-02867.5

SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote att...

CVE-2002-03297.5

Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as ...

CVE-2002-06077.5

members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection ...