The remote host is vulnerable to a Cross-Site Scripting (XSS) attack.
The remote host is running ZeroBoard, a web-based bulletin board written in PHP. This version of Zeroboard is vulnerable to a cross-site scripting (XSS) flaw as well as a flaw in the 'preg_replace' function. An attacker exploiting these flaws would require that the attacker be able to: 1) convince an unsuspecting user to visit a malicious website 2) send HTTP requests that are parsed by the 'preg_replace' function. Successful exploitation leads to arbitrary code execution on the remote system or arbitrary code executing in client browsers (after following a malicious URI).
Upgrade or patch according to vendor recommendations.