SQL Injection Vulnerability in Snitz Forums 2000 version 3.3.03 and earlier

SQL Injection Vulnerability in Snitz Forums 2000 version 3.3.03 and earlier

CVE-2002-0607 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.