Snitz_communications Snitz_forums_2000
25 CVEs affecting Snitz_communications Snitz_forums_2000. Latest disclosed: 2012-10-08. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2006-5603 | Critical | 9.8 | 2006-10-30 | SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE… |
CVE-2012-5313 | | 2012-10-08 | SQL injection vulnerability in forum.asp in Snitz Forums 2000 allows remote attackers to execute arbitrary SQL commands via the TOPIC_ID parameter. | |
CVE-2010-4827 | | 2011-08-24 | Cross-site scripting (XSS) vulnerability in members.asp in Snitz Forums 2000 3.4.07 allows remote attackers to inject arbitrary web script or HTML via the M_NA… | |
CVE-2010-4826 | | 2011-08-24 | SQL injection vulnerability in members.asp in Snitz Forums 2000 3.4.07 allows remote attackers to execute arbitrary SQL commands via the M_NAME parameter. NOT… | |
CVE-2009-4554 | | 2010-01-04 | Multiple cross-site scripting (XSS) vulnerabilities in Snitz Forums 2000 3.4.07 allow remote attackers to inject arbitrary web script or HTML via (1) the url p… | |
CVE-2008-0209 | | 2008-01-10 | Open redirect vulnerability in Forums/login.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to redirect users to arbitrary web sites via a… | |
CVE-2008-0208 | | 2008-01-10 | Cross-site scripting (XSS) vulnerability in login.asp in Snitz Forums 2000 3.4.05 and earlier allows remote attackers to inject arbitrary web script or HTML vi… | |
CVE-2008-0136 | | 2008-01-08 | Snitz Forums 2000 3.4.05 allows remote attackers to obtain sensitive information via a direct request to forum/whereami.asp, which reveals the database path. | |
CVE-2008-0135 | | 2008-01-08 | Snitz Forums 2000 3.4.06 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to downloa… | |
CVE-2008-0134 | | 2008-01-08 | Cross-site scripting (XSS) vulnerability in Forums/setup.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to inject arbitrary web script or… | |
CVE-2007-6240 | | 2007-12-05 | SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the BuildTime parameter. | |
CVE-2007-1374 | | 2007-03-10 | Cross-site scripting (XSS) vulnerability in pop_profile.asp in Snitz Forums 2000 3.4.06 allows remote attackers to inject arbitrary web script or HTML via the… | |
CVE-2007-1023 | | 2007-02-21 | SQL injection vulnerability in pop_profile.asp in Snitz Forums 2000 3.1 SR4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |
CVE-2006-4796 | | 2006-09-14 | Cross-site scripting (XSS) vulnerability in forum.asp in Snitz Forums 2000 3.4.06 allows remote attackers to inject arbitrary web script or HTML via the sortor… | |
CVE-2006-2959 | | 2006-06-12 | SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the %strCookieURL… | |
CVE-2006-2530 | | 2006-05-22 | avatar_upload.asp in Avatar MOD 1.3 for Snitz Forums 3.4, and possibly other versions, allows remote attackers to bypass file type checks and upload arbitrary… | |
CVE-2005-3411 | | 2005-11-01 | Cross-site scripting (XSS) vulnerability in post.asp in Snitz Forums 2000 3.4.05 allows remote attackers to inject arbitrary web script or HTML via the type pa… | |
CVE-2004-2720 | | 2004-12-31 | Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML… | |
CVE-2004-1687 | | 2004-09-16 | CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTM… | |
CVE-2003-0494 | | 2003-08-07 | password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to passwo… |