CVEMON

CVE SEARCH UTILITY|

CVE-2006-2541

SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbitrary SQL commands via the layid parameter to (1) login.asp and (2) main.asp.