NuytsTech Security

CVE-2006-2541

by ·

SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbitrary SQL commands via the layid parameter to (1) login.asp and (2) main.asp.

Date published : 2006-05-23

http://www.securityfocus.com/bid/18043

http://www.securityfocus.com/archive/1/434575/100/0/threaded

Tags: