CVE-2005-3411

Snitz Forums 2000 3.4.05 - Cross-Site Scripting via Type Parameter in Post.asp

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-3411. PoCs published by h4xorcrew.

AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Snitz Forum due to improper input sanitization. The PoC URL injects arbitrary JavaScript code via the 'type' parameter, which executes in the context of the affected site.

Description

Cross-site scripting (XSS) vulnerability in post.asp in Snitz Forums 2000 3.4.05 allows remote attackers to inject arbitrary web script or HTML via the type parameter in a Topic method.

Exploits (1)

exploitdb WORKING POC VERIFIED
by h4xorcrew · textwebappsasp
https://www.exploit-db.com/exploits/26439

This exploit demonstrates a cross-site scripting (XSS) vulnerability in Snitz Forum due to improper input sanitization. The PoC URL injects arbitrary JavaScript code via the 'type' parameter, which executes in the context of the affected site.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Snitz Forum (version not specified)
No auth needed
Prerequisites: A vulnerable instance of Snitz Forum · User interaction to visit the crafted URL
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/20421
Various Sources x_refsource_confirm
http://forum.snitz.com/forum/topic.asp?TOPIC_ID=60011
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2261
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15241
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17385

Scores

EPSS 0.0365
EPSS Percentile 88.3%

Details

Status published
Products (1)
snitz_communications/snitz_forums_2000 3.4.05
Published Nov 01, 2005
Tracked Since Feb 18, 2026