########################## WwW.BugReport.IR #########################
#
#      AmnPardaz Security Research & Penetration Testing Group
#
# Title: A user can gain admin level in snitz 2000 by SQL Injection
# vendor: http://forum.snitz.com/
# Exploit: Available
# Fix Available: Update to last version.
# Contact: admin[4t}bugreport{d0t]ir
# Credit: WwW.BugReport.ir
######################## Bug Description ###########################

Description:
A user can gain admin level in the forum and can access to the forum.
It is because of a SQL Injection in "Active.asp"

Solution:
http://forum.snitz.com/forum/topic.asp?TOPIC_ID=66005