Vulnerabilities > John Andersson
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-09-07 | CVE-2006-4612 | SQL Injection vulnerability in John Andersson Zixforum 1.12 SQL injection vulnerability in ReplyNew.asp in ZIXForum 1.12 allows remote attackers to execute arbitrary SQL commands via the RepId parameter. | 7.5 |
2006-05-23 | CVE-2006-2541 | SQL Injection vulnerability in John Andersson Zixforum 1.12 SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbitrary SQL commands via the layid parameter to (1) login.asp and (2) main.asp. | 7.5 |
2005-12-17 | CVE-2005-4334 | SQL Injection vulnerability in John Andersson Zixforum 1.12 SQL injection vulnerability in ZixForum 1.12 allows remote attackers to execute arbitrary SQL commands via the H_ID parameter to (1) zixforum/forum.asp, as used in (2) Headforums.asp and (3) Subject.asp. | 7.5 |