CVE-2006-2541

2006-05-23T10:06:00
ID CVE-2006-2541
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:40:00

Description

SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbitrary SQL commands via the layid parameter to (1) login.asp and (2) main.asp.