Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0286

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0286
Last Modified 27 Jul 2009 12:00:00
Published 16 Jun 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0286

Summary

SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable.

Vulnerable Systems

Application

  • Snitz Communications Snitz Forums 2000 3.3.03


References

BID - 7549

BID - 35764

XF - snitz-register-sql-injection(11981)

SECUNIA - 35733

MISC - http://packetstormsecurity.org/0305-exploits/snitz_exec.txt

OSVDB - 56166

BUGTRAQ - 20030513 Snitz Forum 3.3.03 Remote Command Execution

VULNWATCH - 20030512 Snitz Forum 3.3.03 Remote Command Execution


Last Updated: 27 May 2016 10:37:50