CVE-2002-0329

Snitz Communications Snitz Forums 2000 - XSS

Title source: rule

Description

Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Justin · textwebappsasp

https://www.exploit-db.com/exploits/21308

View Code ZIP pw:eip

References (6)

Core 6

Core References

Exploit, Patch, Vendor Advisory x_refsource_confirm

http://forum.snitz.com/forum/link.asp?TOPIC_ID=23660

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=101485184605149&w=2

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/132011

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/4192

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://online.securityfocus.com/archive/1/258981

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/8309.php

Scores

EPSS 0.2370

EPSS Percentile 96.1%

Details

Status published

Products (6)

snitz_communications/snitz_forums_2000 3.0

snitz_communications/snitz_forums_2000 3.1 sr4

snitz_communications/snitz_forums_2000 3.2.03

snitz_communications/snitz_forums_2000 3.3

snitz_communications/snitz_forums_2000 3.3.01

snitz_communications/snitz_forums_2000 3.3.02

Published Jun 25, 2002

Tracked Since Feb 18, 2026