Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Snitz forums 2000'
2012-10-08
CVE-2012-5313
CWE-89
SQL injection vulnerability in forum.asp in Snitz Forums 2000 allows remote attackers to execute arbitrary SQL commands via the TOPIC_ID parameter.
2010-01-04
CVE-2009-4554
CWE-79
Multiple cross-site scripting (XSS) vulnerabilities in Snitz Forums 2000 3.4.07 allow remote attackers to inject arbitrary web script or HTML via (1) the url parameter to pop_send_to_friend.asp, related to a crafted onload attribute of an IMG element; or (2) an onload attribute in a sound tag.
2008-01-09
CVE-2008-0209
CWE-20
Open redirect vulnerability in Forums/login.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to redirect users to arbitrary web sites via a URL in the target parameter.
CVE-2008-0208
CWE-79
Cross-site scripting (XSS) vulnerability in login.asp in Snitz Forums 2000 3.4.05 and earlier allows remote attackers to inject arbitrary web script or HTML via the target parameter.
2008-01-08
CVE-2008-0136
CWE-200
Snitz Forums 2000 3.4.05 allows remote attackers to obtain sensitive information via a direct request to forum/whereami.asp, which reveals the database path.
CVE-2008-0135
CWE-264
Snitz Forums 2000 3.4.06 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum/snitz_forums_2000.mdb.
CVE-2008-0134
CWE-79
Cross-site scripting (XSS) vulnerability in Forums/setup.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to inject arbitrary web script or HTML via the MAIL parameter.
2007-12-05
CVE-2007-6240
CWE-89
SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the BuildTime parameter.
2007-03-09
CVE-2007-1374
Cross-site scripting (XSS) vulnerability in pop_profile.asp in Snitz Forums 2000 3.4.06 allows remote attackers to inject arbitrary web script or HTML via the MSN parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
2007-02-21
CVE-2007-1023
SQL injection vulnerability in pop_profile.asp in Snitz Forums 2000 3.1 SR4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Copyright
2024
, cxsecurity.com
Back to Top
Podatności dla 'Snitz forums 2000' 
Polish
English