Zeroboard : Security Vulnerabilities, CVEs, Published In 2004 CVSS score >= 4
Cross-site scripting (XSS) vulnerability in check_user_id.php in ZeroBoard 4.1pl4 and earlier allows remote attackers to inject arbitrary web script or HTML via the user_id parameter.
Max CVSS
4.3
EPSS Score
0.27%
Published
2004-12-31
Updated
2017-07-29
PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parameter to write.php to reference a URL on a remote web server that contains the code.
Max CVSS
6.8
EPSS Score
2.94%
Published
2004-12-31
Updated
2017-07-11
2 vulnerabilities found