| VID |
210118 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The ZeroBoard software has a Privilege Escalation vulnerability. ZeroBoard is a freely available, open source PHP-based bulletin board software, and widely used in Korea. Zeroboard versions prior to 4.1pl7 software has a Privilege Escalation vulnerability. Attackers may execute arbitrary code with the privileges of the bbs admin.
* References:
http://www.nydl.net/nyboard/zboard.php?id=bbs&page=1&sn1=&divpage=1&sn=off&ss=on&sc=on&select_arrange=headnum&desc=asc&no=32
* Platforms Affected:
Zeroboard versions 4.1pl7 and earlier
Any operating system Any version |
| Recommendation |
Apply the appropriate patch for this vulnerability, as listed in Zeroboard4 site at
http://www.xpressengine.com/zb4_security/
http://www.nydl.net/nyboard/zboard.php?id=bbs&page=1&sn1=&divpage=1&sn=off&ss=on&sc=on&select_arrange=headnum&desc=asc&no=32 |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
