CVE-2002-0607

Snitz Forums 2000 3.3.03 - SQL Injection via M_NAME UserName FirstName LastName or INITIAL Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0607. PoCs published by acemi.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Snitz Forums 2000 via the members.asp script. The attacker can manipulate the M_NAME parameter to inject SQL commands, potentially leading to information disclosure or data modification.

Description

members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL.

Exploits (1)

exploitdb WORKING POC VERIFIED
by acemi · textwebappsasp
https://www.exploit-db.com/exploits/21400

This exploit demonstrates a SQL injection vulnerability in Snitz Forums 2000 via the members.asp script. The attacker can manipulate the M_NAME parameter to inject SQL commands, potentially leading to information disclosure or data modification.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Snitz Forums 2000
No auth needed
Prerequisites: Access to the members.asp script
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/4558
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/8898.php
Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-04/0279.html

Scores

EPSS 0.0238
EPSS Percentile 81.9%

Details

Status published
Products (6)
snitz_communications/snitz_forums_2000 3.0
snitz_communications/snitz_forums_2000 3.1 sr4
snitz_communications/snitz_forums_2000 3.3
snitz_communications/snitz_forums_2000 3.3.01
snitz_communications/snitz_forums_2000 3.3.02
snitz_communications/snitz_forums_2000 3.3.03
Published Jun 18, 2002
Tracked Since Feb 18, 2026