Snitz Forums 2000 CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2003-0493	1 Snitz Communications	1 Snitz Forums 2000	2025-04-03	N/A
Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID.
CVE-2006-4796	1 Snitz Communications	1 Snitz Forums 2000	2025-04-03	N/A
Cross-site scripting (XSS) vulnerability in forum.asp in Snitz Forums 2000 3.4.06 allows remote attackers to inject arbitrary web script or HTML via the sortorder parameter (strtopicsortord variable).
CVE-2002-0329	1 Snitz Communications	1 Snitz Forums 2000	2025-04-03	N/A
Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.
CVE-2002-0607	1 Snitz Communications	1 Snitz Forums 2000	2025-04-03	N/A
members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL.
CVE-2006-2530	1 Snitz Communications	2 Avatar Mod, Snitz Forums 2000	2025-04-03	N/A
avatar_upload.asp in Avatar MOD 1.3 for Snitz Forums 3.4, and possibly other versions, allows remote attackers to bypass file type checks and upload arbitrary files via a null byte in the file name, as discovered by the Codescan product.

« first previous Page 2 of 2.