Zeroboard XSS Network Vulnerability

Summary

The remote web server contains several PHP scripts that are prone to cross-site scripting attacks. Description : The remote host runs Zeroboard, a web BBS application popular in Korea. The remote version of this software is vulnerable to cross-site scripting attacks due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to execute malicious script code in a user's browser within the context of the affected web site.

Solution

Upgrade to Zeroboard 4.1pl6 or later.

References

http://www.securityfocus.com/archive/1/390933

Updated on 2015-03-25

Severity

Classification

CVE CVE-2005-0495

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Aker Secure Mail Gateway Cross-Site Scripting Vulnerability
Apache Archiva Multiple Vulnerabilities
AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities
AMSI 'file' Parameter Directory Traversal Vulnerability
Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability

Take action and discover your vulnerabilities