CVE-2005-4334

2005-12-1711:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.8%

JSON

SQL injection vulnerability in ZixForum 1.12 allows remote attackers to execute arbitrary SQL commands via the H_ID parameter to (1) zixforum/forum.asp, as used in (2) Headforums.asp and (3) Subject.asp.

References

securitytracker.com/id?1015359

www.attrition.org/pipermail/vim/2006-April/000687.html

www.osvdb.org/22096

www.securityfocus.com/bid/16406