Описание
SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbitrary SQL commands via the layid parameter to (1) login.asp and (2) main.asp.
SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbitrary SQL commands via the layid parameter to (1) login.asp and (2) main.asp.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-2541
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26577
- https://www.exploit-db.com/exploits/1807
- http://secunia.com/advisories/20190
- http://securityreason.com/securityalert/946
- http://www.kapda.ir/advisory-327.html
- http://www.osvdb.org/25707
- http://www.securityfocus.com/archive/1/434575/100/0/threaded
- http://www.securityfocus.com/bid/18043
- http://www.vupen.com/english/advisories/2006/1889
EPSS
Процентиль: 83%
0.01976
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbitrary SQL commands via the layid parameter to (1) login.asp and (2) main.asp.
EPSS
Процентиль: 83%
0.01976
Низкий