members.asp in Snitz Forums 2000 version 3.3.03 and previous versions allows remote malicious users to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
snitz communications snitz forums 2000 3.0 |
||
snitz communications snitz forums 2000 3.1 |
||
snitz communications snitz forums 2000 3.3.01 |
||
snitz communications snitz forums 2000 3.3.03 |
||
snitz communications snitz forums 2000 3.3 |
||
snitz communications snitz forums 2000 3.3.02 |