CyberSec.Space Logo
CVEブラウザに戻る

CVE-2003-0286

HIGH
7.5
CVSS Severity Score
EPSS Score0.1010%
EPSS Percentile44.33th
Published2003年6月16日
Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable.

Affected Platforms (CPE)

📦
Snitz Communications

Snitz Forums 2000

<= 3.3.03

References & Advisories

🔗 http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0067.html
🔗 http://marc.info/?l=bugtraq&m=105277599131134&w=2
🔗 http://osvdb.org/56166
🔗 http://packetstormsecurity.org/0305-exploits/snitz_exec.txt
🔗 http://secunia.com/advisories/35733
🔗 http://www.securityfocus.com/bid/35764
🔗 http://www.securityfocus.com/bid/7549
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/11981

関連する脆弱性情報

CVE-2006-56039.8

SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands ...

CVE-2002-06077.5

members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection ...

CVE-2002-03297.5

Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as ...

CVE-2007-10237.5

SQL injection vulnerability in pop_profile.asp in Snitz Forums 2000 3.1 SR4 allows remote attackers to execute arbitrary SQL comma...