Vulnerabilities (CVE)

Filtered by vendor Xpressengine Subscribe
Filtered by product Zeroboard
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-4834 1 Xpressengine 1 Zeroboard 2024-11-21 6.8 MEDIUM N/A
lib.php in Zeroboard 4.1 pl7 allows remote attackers to execute arbitrary PHP code via a crafted parameter name, possibly related to now_connect.php.