Ikonboard.com : Security Vulnerabilities, CVEs, Published In 2003 (Code Execution)
FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement.
Max CVSS
7.5
EPSS Score
4.92%
Published
2003-09-22
Updated
2016-10-18
1 vulnerabilities found