Jeremy Bae

**Name of the Vulnerable Software and Affected Versions** ZeroBoard versions 4.1pl5 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code by modifying the `dir` parameter to reference a URL on a remote web server that contains the code. This is possible due to multiple PHP remote file inclusion vulnerabilities in several PHP files, including `print category.php`, `login.php`, `setup.php`, `ask password.php`, and `error.php`. **Recommendations** For ZeroBoard versions 4.1pl5 and earlier, consider restricting access to the vulnerable PHP files until a patch is available. As a temporary workaround, avoid using the `dir` parameter in the affected files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ZeroBoard versions 4.1pl5 and earlier **Description** The issue allows remote attackers to read arbitrary files due to multiple directory traversal vulnerabilities. This can be achieved by including a .. (dot dot) in the ` zb path` parameter to ` head.php` or `outlogin.php`, or the `dir` parameter to `write.php`. **Recommendations** For ZeroBoard versions 4.1pl5 and earlier, consider restricting access to the ` head.php`, `outlogin.php`, and `write.php` files until a patch is available. As a temporary workaround, avoid using the ` zb path` and `dir` parameters in the affected API endpoints.

**Name of the Vulnerable Software and Affected Versions** JSBoard versions 2.0.9 and earlier **Description** A directory traversal issue in session.php allows remote attackers to read arbitrary files by including a .. (dot dot) in the `table` parameter. **Recommendations** For JSBoard versions 2.0.9 and earlier, update to a version later than 2.0.9 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Attachment Mod 2.3.10 module for phpBB Description: The issue arises from the improper handling of files with multiple extensions, such as .php.rar, when the Attachment Mod 2.3.10 module for phpBB is used in conjunction with Apache mod mime. This allows remote attackers to upload and execute arbitrary code. Recommendations: For Attachment Mod 2.3.10, consider disabling the module until a patch is available to prevent the upload and execution of arbitrary code. Restrict access to file uploads to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: UseModWiki version 1.0 Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. This is achieved by providing a malicious argument to the wiki.pl script. Recommendations: For UseModWiki version 1.0, update to a version that addresses this issue, as the current version allows for the injection of malicious scripts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JSPWiki versions 2.1.120-cvs and earlier **Description** A cross-site scripting issue exists, allowing remote attackers to execute arbitrary web script as other users. This is achieved via the `query` parameter in the Search.jsp file. **Recommendations** For JSPWiki versions 2.1.120-cvs and earlier, update to a version later than 2.1.120-cvs to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Zwiki versions 0.10.0rc1 through 0.36.2 Description: A cross-site scripting issue exists due to improper cleansing of a malformed URL when generating an error message in the standard error message.dtml file. This allows remote attackers to inject arbitrary HTML and web script. Recommendations: For Zwiki versions 0.10.0rc1 through 0.36.2, update to a version that properly sanitizes URLs to prevent the injection of malicious scripts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: cscope versions 15-4 through 15-5 Description: The issue allows local users to overwrite arbitrary files via a symlink attack due to the creation of temporary files with predictable filenames in the main.c file of the affected software. Recommendations: For cscope versions 15-4 through 15-5, consider updating to a version where this issue is resolved, or as a temporary workaround, restrict access to the temporary file creation functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apache versions 1.3.29 and earlier Apache versions 2.0.48 and earlier **Description** A directory traversal issue allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences when running on Cygwin. **Recommendations** For Apache versions 1.3.29 and earlier, update to a version later than 1.3.29 to resolve the issue. For Apache versions 2.0.48 and earlier, update to a version later than 2.0.48 to resolve the issue.