Zeroboard · Zeroboard · CVE-2005-0495
**Name of the Vulnerable Software and Affected Versions**
ZeroBoard (affected versions not specified)
**Description**
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This can be achieved via the `sn1`, `year`, or `page` parameters to "zboard.php" or the `filename` parameter to "view image.php".
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.