| VID |
210116 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The ZeroBoard software has a file disclosure vulnerability. ZeroBoard is a freely available, open source PHP-based bulletin board software, and widely used in Korea. Zeroboard versions 4.1pl8 is vulnerable to a SQL Injection, caused by zboard.php, member_memo3.php, _head.php files.
* References:
http://www.xpressengine.com/zb4_security/
http://hacker.or.kr/?page=25
* Platforms Affected:
Zeroboard versions 4.1pl8
Any operating system Any version |
| Recommendation |
Apply the appropriate patch for this vulnerability, as listed in Zeroboard4 site at http://www.xpressengine.com/zb4_security/
http://hacker.or.kr/?page=25 |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
