Unrated severityNVD Advisory· Published May 23, 2006· Updated Apr 16, 2026

CVE-2006-2541

Description

SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbitrary SQL commands via the layid parameter to (1) login.asp and (2) main.asp.

Affected products

Zixforum/Zixforum
cpe:2.3:a:john_andersson:zixforum:1.12:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kapda.ir/advisory-327.htmlnvdExploitVendor Advisory
www.securityfocus.com/bid/18043nvdExploit
secunia.com/advisories/20190nvdVendor Advisory
securityreason.com/securityalert/946nvd
www.osvdb.org/25707nvd
www.securityfocus.com/archive/1/434575/100/0/threadednvd
www.vupen.com/english/advisories/2006/1889nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26577nvd
www.exploit-db.com/exploits/1807nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000