CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2002-0329

HIGH
7.5
CVSS Severity Score
EPSS Score0.1350%
EPSS Percentile23.03th
Published2002年6月25日
Last Modified2026年4月16日

Vulnerability Description

Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.

Affected Platforms (CPE)

📦
Snitz Communications

Snitz Forums 2000

= 3.0
📦
Snitz Communications

Snitz Forums 2000

= 3.1
📦
Snitz Communications

Snitz Forums 2000

= 3.2.03
📦
Snitz Communications

Snitz Forums 2000

= 3.3
📦
Snitz Communications

Snitz Forums 2000

= 3.3.01
📦
Snitz Communications

Snitz Forums 2000

= 3.3.02

References & Advisories

🔗 http://forum.snitz.com/forum/link.asp?TOPIC_ID=23660
🔗 http://marc.info/?l=bugtraq&m=101485184605149&w=2
🔗 http://online.securityfocus.com/archive/1/258981
🔗 http://www.iss.net/security_center/static/8309.php
🔗 http://www.kb.cert.org/vuls/id/132011
🔗 http://www.securityfocus.com/bid/4192
🔗 http://forum.snitz.com/forum/link.asp?TOPIC_ID=23660
🔗 http://marc.info/?l=bugtraq&m=101485184605149&w=2

相關漏洞威脅

CVE-2006-56039.8

SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands ...

CVE-2002-06077.5

members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection ...

CVE-2003-02867.5

SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote att...

CVE-2007-10237.5

SQL injection vulnerability in pop_profile.asp in Snitz Forums 2000 3.1 SR4 allows remote attackers to execute arbitrary SQL comma...