Vulnerabilities > CVE-2002-0607 - SQL Injection vulnerability in Snitz Forums 2000 Members.ASP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |
Exploit-Db
description | Snitz Forums 2000 3.x Members.ASP SQL Injection Vulnerability. CVE-2002-0607. Webapps exploit for asp platform |
id | EDB-ID:21400 |
last seen | 2016-02-02 |
modified | 2002-04-19 |
published | 2002-04-19 |
reporter | acemi |
source | https://www.exploit-db.com/download/21400/ |
title | Snitz Forums 2000 3.x Members.ASP SQL Injection Vulnerability |