13 matches found
EUVD-2004-2728
Malware in sbrugna...
EUVD-2006-3067
Malware in sbrugna...
EUVD-2005-1822
Malware in sbrugna...
EUVD-2009-4797
Malware in sbrugna...
Zeroboard文件泄露远程任意命令执行漏洞
BUGTRAQ: 12258 Zeroboard不正确过滤用户提交的URL请求,远程攻击者可以利用这个漏洞查看系统文件内容或以进程权限执行任意命令。 Zeroboard 4.1 pl2-p15 厂商补丁: Zeroboard --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.zeroboard.com/ 远程用户可以提供包含多个'../'字符的数据作为参数提交给有漏洞的脚本处理,可以WEB进程权限查看任意文件内容:...
Zeroboard 4.1 preg_replace Remote nobody Shell Exploit
Exploit for unknown platform in category web applications ====================================================== Zeroboard 4.1 pregreplace Remote nobody Shell Exploit ====================================================== /...
ZeroBoard 4.1 - 'preg_replace' Remote Nobody Shell
/ ---------------------------------------------------------------------------------- + Zeroboard pregreplace vulnerability Remote nobody shell exploit ---------------------------------------------------------------------------------- by n0gada [email protected] date : 2005/5/29 the bug Origina...
Zeroboard 4.1 preg_replace Remote nobody Shell Exploit
No description provided by source. / ---------------------------------------------------------------------------------- + Zeroboard pregreplace vulnerability Remote nobody shell exploit ---------------------------------------------------------------------------------- by n0gada [email protected]...
ZeroBoard - Worm Source Code
/ The worm exploits a vulnerability in ZeroBoard, allowing an attacker to inject arbitrary PHP code. /str0ke / / ZeroBoard -1day INE w0rm / include include include include include include include include include ifdef sun include endif / SunOS / define DEBUGING undef DEBUGING define TMPFILE...
ZeroBoard Worm Source Code
No description provided by source. / The worm exploits a vulnerability in ZeroBoard, allowing an attacker to inject arbitrary PHP code. /str0ke / / ZeroBoard -1day INE w0rm / include stdio.h include unistd.h include stdlib.h include sys/socket.h include netdb.h include netinet/in.h include signal...
Zeroboard < 4.1pl6 Multiple XSS
The remote host runs Zeroboard, a web BBS application popular in Korea. The remote version of this software is vulnerable to cross-site scripting attacks due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to execute malicious script co...
CVE-2004-2738
Cross-site scripting XSS vulnerability in checkuserid.php in ZeroBoard 4.1pl4 and earlier allows remote attackers to inject arbitrary web script or HTML via the userid parameter...
malicious PHP source injection
JCC Security Advisory June 15, 2002 malicious PHP source injection Description Zeroboard is one of popular PHP web boards in Korea. When allowurlfopen = On and registerglobals = On in php.ini, Zeroboard has vulnerability because head.php contains dangerous codes. So an attacker can include any...