Family: CGI abuses --> Category: infos
Zeroboard flaws (2) Vulnerability Scan
Vulnerability Scan Summary
Checks for Zeroboard flaws
Detailed Explanation for this Vulnerability Test
The remote web server contains several PHP scripts that are prone to
arbitrary PHP code execution and file disclosure attacks.
The remote host runs Zeroboard, a web BBS application popular in Korea.
The remote version of this CGI is vulnerable to multiple flaws which may
allow a possible hacker to execute arbitrary PHP commands on the remote host
by including a PHP file hosted on a third-party server, or to read
arbitrary files with the rights of the remote web server.
See also :
Upgrade to Zeroboard 4.1pl6 or later.
Medium / CVSS Base Score : 6
Click HERE for more information and discussions on this network vulnerability scan.