CVE

Id
9847  
CVE No.
CVE-2004-1419  
Status
Candidate  
Description
PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parameter to write.php to reference a URL on a remote web server that contains the code.  
Phase
Assigned (20050212)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
67168 9847 CVE-2004-1419 BUGTRAQ:20041224 STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard  View
67169 9847 CVE-2004-1419 URL:http://marc.info/?l=bugtraq&m=110391024404947&w=2  View
67170 9847 CVE-2004-1419 FULLDISC:20041223 STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard  View
67171 9847 CVE-2004-1419 URL:http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030224.html  View
67172 9847 CVE-2004-1419 BID:12103  View
67173 9847 CVE-2004-1419 URL:http://www.securityfocus.com/bid/12103  View
67174 9847 CVE-2004-1419 OSVDB:12580  View
67175 9847 CVE-2004-1419 URL:http://www.osvdb.org/12580  View
67176 9847 CVE-2004-1419 OSVDB:12581  View
67177 9847 CVE-2004-1419 URL:http://www.osvdb.org/12581  View
67178 9847 CVE-2004-1419 SECTRACK:1012677  View
67179 9847 CVE-2004-1419 URL:http://securitytracker.com/id?1012677  View
67180 9847 CVE-2004-1419 SECUNIA:13649  View
67181 9847 CVE-2004-1419 URL:http://secunia.com/advisories/13649  View
67182 9847 CVE-2004-1419 XF:zeroboard-write-file-include(18679)  View
67183 9847 CVE-2004-1419 URL:http://xforce.iss.net/xforce/xfdb/18679  View
67184 9847 CVE-2004-1419 XF:zeroboard-outlogin-file-include(18677)  View

Related JVN