SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the %strCookieURL%.GROUP parameter in a cookie.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Snitz_forums_2000 | Snitz_communications | 3.1 | 3.1 |
Snitz_forums_2000 | Snitz_communications | 3.4.03 | 3.4.03 |
Snitz_forums_2000 | Snitz_communications | 3.3.01 | 3.3.01 |
Snitz_forums_2000 | Snitz_communications | 3.3.02 | 3.3.02 |
Snitz_forums_2000 | Snitz_communications | 3.4.05 | 3.4.05 |
Snitz_forums_2000 | Snitz_communications | 3.4.02 | 3.4.02 |
Snitz_forums_2000 | Snitz_communications | 3.4.04 | 3.4.04 |
Snitz_forums_2000 | Snitz_communications | 3.0 | 3.0 |
Snitz_forums_2000 | Snitz_communications | 3.3 | 3.3 |
Snitz_forums_2000 | Snitz_communications | 3.3.03 | 3.3.03 |