Описание
SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable.
SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2003-0286
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11981
- http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0067.html
- http://marc.info/?l=bugtraq&m=105277599131134&w=2
- http://osvdb.org/56166
- http://packetstormsecurity.org/0305-exploits/snitz_exec.txt
- http://secunia.com/advisories/35733
- http://www.securityfocus.com/bid/35764
- http://www.securityfocus.com/bid/7549
Связанные уязвимости
nvd
около 22 лет назад
SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable.