CPE Details
Snitz Communications Snitz Forums 2000
-
2012-10-09
15h15 +00:00
15h15 +00:00
2012-10-12
11h29 +00:00
11h29 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:snitz_communications:snitz_forums_2000:-:*:*:*:*:*:*:*
Informations
Vendor
snitz_communicationsProduct
snitz_forums_2000Version
-Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| SQL injection vulnerability in forum.asp in Snitz Forums 2000 allows remote attackers to execute arbitrary SQL commands via the TOPIC_ID parameter. | 7.5 |
|||
| Cross-site scripting (XSS) vulnerability in login.asp in Snitz Forums 2000 3.4.05 and earlier allows remote attackers to inject arbitrary web script or HTML via the target parameter. | 4.3 |
|||
| Open redirect vulnerability in Forums/login.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to redirect users to arbitrary web sites via a URL in the target parameter. | 5.8 |
|||
| Cross-site scripting (XSS) vulnerability in Forums/setup.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to inject arbitrary web script or HTML via the MAIL parameter. | 4.3 |
|||
| Snitz Forums 2000 3.4.06 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum/snitz_forums_2000.mdb. | 5 |
|||
| Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via javascript events in the Email parameter. | 4.3 |
|||
| SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable. | 7.5 |
