CyberSec.Space Logo
返回 CVE 浏览器

CVE-2003-0494

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0290%
EPSS Percentile3.96th
Published2003年8月7日
Last Modified2026年4月16日

Vulnerability Description

password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id.

Affected Platforms (CPE)

📦
Snitz Communications

Snitz Forums 2000

= 3.4.03

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=105578322012128&w=2
🔗 http://www.securityfocus.com/bid/7925
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/12326
🔗 http://marc.info/?l=bugtraq&m=105578322012128&w=2
🔗 http://www.securityfocus.com/bid/7925
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/12326

相关漏洞威胁

CVE-2006-56039.8

SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands ...

CVE-2003-02867.5

SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote att...

CVE-2002-03297.5

Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as ...

CVE-2002-06077.5

members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection ...