CVE-2003-0286 Information

Description

SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03 and possibly 3.4.07 and earlier allows remote attackers to execute arbitrary stored procedures via the Email variable.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0067.html http://marc.info/?l=bugtraq&m=105277599131134&w=2 http://osvdb.org/56166 http://packetstormsecurity.org/0305-exploits/snitz_exec.txt http://secunia.com/advisories/35733 http://www.securityfocus.com/bid/35764 http://www.securityfocus.com/bid/7549 https://exchange.xforce.ibmcloud.com/vulnerabilities/11981