Vulnerabilities > Snitz Communications
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-08-07 | CVE-2003-0493 | Authentication Bypass vulnerability in Snitz Communications Snitz Forums 2000 3.4.03 Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID. | 10.0 |
| 2003-08-07 | CVE-2003-0492 | Cross-Site Scripting vulnerability in Snitz Communications Snitz Forums 2000 3.4.03 Cross-site scripting (XSS) vulnerability in search.asp for Snitz Forums 3.4.03 and earlier allows remote attackers to execute arbitrary web script via the Search parameter. network snitz-communications | 6.8 |
| 2003-06-16 | CVE-2003-0286 | SQL Injection vulnerability in Snitz Communications Snitz Forums 2000 SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable. | 7.5 |
| 2002-06-25 | CVE-2002-0329 | Unspecified vulnerability in Snitz Communications Snitz Forums 2000 Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag. | 7.5 |
| 2002-06-18 | CVE-2002-0607 | SQL Injection vulnerability in Snitz Forums 2000 Members.ASP members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL. | 7.5 |