Tran Viet Phuong

1 exploit Active since Dec 2005
CVE-2005-4334 EXPLOITDB text WRITEUP
ZixForum 1.12 - SQL Injection via H_ID Parameter
SQL injection vulnerability in ZixForum 1.12 allows remote attackers to execute arbitrary SQL commands via the H_ID parameter to (1) zixforum/forum.asp, as used in (2) Headforums.asp and (3) Subject.asp.