Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Discuz! Security Vulnerabilities

cve
cve

CVE-2008-6957

member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted (1) lostpasswd and (2) getpasswd actions, possibly involving predictable generation of the id parameter.

7.1AI Score

0.095EPSS

2009-08-12 10:30 AM
22
cve
cve

CVE-2018-14729

The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code.

8.8CVSS

8.9AI Score

0.021EPSS

2019-05-22 06:29 PM
33
cve
cve

CVE-2018-19464

Discuz! X3.4 allows XSS via admin.php because admincp/admincp_setting.php and template\default\common\footer.htm mishandles statcode field from third-party stats code.

4.8CVSS

4.9AI Score

0.001EPSS

2018-11-22 09:29 PM
17