1 results (0.004 seconds)
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 3
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 3CVE-2009-4834 – ZeroBoard 4.1 pl7 - 'now_connect()' Remote Code Execution
https://notcve.org/view.php?id=CVE-2009-4834
04 May 2010 — lib.php in Zeroboard 4.1 pl7 allows remote attackers to execute arbitrary PHP code via a crafted parameter name, possibly related to now_connect.php. lib.php en Zeroboard v4.1 pl7 permite a atacantes remotos ejecutar código PHP de su elección a través del parámetro "name" manipulado, posiblemente relacionado con now_connect.php. • https://www.exploit-db.com/exploits/9590 • CWE-94: Improper Control of Generation of Code ('Code Injection') •