• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

IkonBoard Cookie Default Parameter Arbitrary Command Execution Vulnerability

It has been reported that IkonBoard may be prone to an arbitrary command execution vulnerability. The vulnerability is reportedly due to insufficient sanitization performed on user supplied 'default' cookie data.

This vulnerability has been reported to affect IkonBoard version 3.1.2a; previous versions are also reported to be affected.