John Andersson: >> Zixforum >> 1.12 Security Vulnerabilities
SQL injection vulnerability in ReplyNew.asp in ZIXForum 1.12 allows remote attackers to execute arbitrary SQL commands via the RepId parameter.
CVSS Score
7.5
EPSS Score
0.009
Published
2006-09-07
SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbitrary SQL commands via the layid parameter to (1) login.asp and (2) main.asp.
CVSS Score
7.5
EPSS Score
0.031
Published
2006-05-23
SQL injection vulnerability in ZixForum 1.12 allows remote attackers to execute arbitrary SQL commands via the H_ID parameter to (1) zixforum/forum.asp, as used in (2) Headforums.asp and (3) Subject.asp.
CVSS Score
7.5
EPSS Score
0.003
Published
2005-12-17