Lucene search
K

573 matches found

CVE
CVE
added 2018/01/12 9:0 a.m.53 views

CVE-2018-5375

Discuz! DiscuzX X3.4 is affected by a cross-site scripting (XSS) vulnerability in the file path include\cp\cp_space.php, triggered by the appid parameter during a delete action. The connected documents confirm the vulnerable component/file and the vulnerability class, stating the issue directly. ...

6.1CVSS5.9AI score0.00829EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/01/12 9:0 a.m.47 views

CVE-2018-5376

CVE-2018-5376 affects Discuz! DiscuzX X3.4, with a cross-site scripting (XSS) vulnerability exploitable via the include/cp/cp_upload.php op parameter. The underlying issue is an input handling flaw in that parameter enabling arbitrary script/HTML injection. CVSS data indicate network access with ...

6.1CVSS6AI score0.00831EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/01/12 12:0 a.m.7 views

Discuz! DiscuzX cross-site scripting vulnerability

Discuz! DiscuzX is an online forum system. A cross-site scripting vulnerability exists in Discuz! DiscuzX X3.4. A remote attacker can exploit this vulnerability by sending the 'view' parameter to the include/space/spacepoll.php file to inject arbitrary Web script or HTML...

5.4CVSS6.4AI score0.00641EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/01/10 9:0 a.m.18 views

CVE-2018-5331

Discuz! DiscuzX X3.4 has XSS via the view parameter to include/space/spacepoll.php, as demonstrated by a mod=space do=poll request to home.php...

5.3AI score0.00641EPSS
Exploits1References1
OSV
OSV
added 2018/01/08 9:29 a.m.3 views

CVE-2018-5259

Discuz! DiscuzX X3.4 allows remote authenticated users to bypass intended attachment-deletion restrictions via a modified aid parameter...

8.8CVSS5.8AI score0.01964EPSS
Exploits0References2
Kitploit
Kitploit
added 2017/11/15 1:22 p.m.57 views

cmsPoc - A CMS Exploit Framework

A CMS Exploit Framework. Requirements python2.7 Works on Linux, Windows Usage usage: cmspoc.py -h -t TYPE -s SCRIPT -u URL optional arguments: -h, --help show this help message and exit -t TYPE, --type TYPE e.g.,phpcms -s SCRIPT, --script SCRIPT Select script -u URL, --url URL Input a target url...

7.3AI score
Exploits0References4
seebug.org
seebug.org
added 2017/08/23 12:0 a.m.73 views

Discuz X3. 3 authkey generation algorithm of the security vulnerability and the background arbitrary code execution vulnerability

0x00 background description Discuz official in 2017 8 May 1 release of the latest version of the X3. 4 version, the latest version fixes multiple security issues. 360CERT and 360 0KEE Team then for the events to follow. 0x01 vulnerability overview 360CERT and 360 0KEE Team by comparing DiscuzX3...

7.7AI score
Exploits0
myhack58
myhack58
added 2017/07/08 12:0 a.m.129 views

Discuz plug-in Bluegrass today wechat voting rights limit and brush votes vulnerability with python scripting-vulnerability warning-the black bar safety net

Two days before the bunch of friends online canvassing, feeling that something in the programmer before it is an irony(me is the programmer before me, when a programmer there are always people that you will be stolen QQ, attack, repair the computer。。。。) Directly into the theme, with to Tools: 1...

7.6AI score
Exploits0
Gitee
Gitee
added 2017/06/15 3:51 p.m.3 views

poc

This repository appears to be a collection of proof-of-concept PoC exploits for various vulnerabilities, primarily targeting web applications. The PoCs are written in Python and utilize the Beebeeto framework. The PoCs cover a range of vulnerabilities, including SQL injection, cross-site scriptin...

7.5AI score
Exploits0
seebug.org
seebug.org
added 2017/02/09 12:0 a.m.25 views

Discuz! 2.5-3.3 version stored XSS vulnerability

No description provided by source...

7.1AI score
Exploits0
CNVD
CNVD
added 2016/12/06 12:0 a.m.3 views

Earcms down.php suffers from arbitrary file download vulnerability

Ear Music Ear Music is an interface using Discuz backend style and UCHome user center style combined with the core by the high-speed template engine and caching mechanism and other frameworks coexist PHP open source music system. Earcms down.php arbitrary file download vulnerability. Allow...

7AI score
Exploits0
myhack58
myhack58
added 2016/10/20 12:0 a.m.33 views

discuz the latest version 2 0 1 6 0 6 0 1 SSRF vulnerability analysis and solution-vulnerability warning-the black bar safety net

References SSRF to GET the SHELL tick:the tick-2 0 1 5-0 1 5 1 1 7 9 Vulnerability poc Visit: /forum. php? mod=ajax&action=downremoteimg&message=img=1,1http://23.88.58.149/1.jpg/img&inajax=1&fid=2&wysiwyg=1&formhash=ead1f9a6 Need to bring formhash, you can also post mode request. discuz have a...

7.4AI score
Exploits0
CNVD
CNVD
added 2016/09/18 12:0 a.m.2 views

Discuz x3.2 Remote Command Execution Vulnerability

Discuz! is a Web forum program. A remote command execution vulnerability exists in Discuz x3.2. Allows an attacker to construct special exploit code to remotely execute commands to gain server privileges...

8AI score
Exploits0References1
seebug.org
seebug.org
added 2016/06/17 12:0 a.m.206 views

Discuz! x the use of SSRF remote command execution vulnerability

Content source: security think tank 0X01 ready to work jannock issued by Discuz conditional remote command execution,a lot of big stations affected, the online hasn't published details, in a safe public number to see on the jannock simple to say about the principle, is ssrf+redis/memcache issues,...

7.9AI score
Exploits0
seebug.org
seebug.org
added 2016/05/30 12:0 a.m.34 views

金蝶某系统存在远程命令执行

简要描述: 金蝶某系统存在远程命令执行 详细说明: http://118.194.40.105/ 为discuz,且服务器存在redis服务,通过ssrf WooYun: Discuz!另一处SSRF无须登陆无须条件 可以更改discuz缓存代码,从而实现远程命令执行。 设置 还原 漏洞证明:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/05/06 12:0 a.m.26 views

Discuz! source\function\function_discuzcode.php 存储型xss漏洞

No description provided by source...

7.1AI score
Exploits0
myhack58
myhack58
added 2016/04/25 12:0 a.m.32 views

AppCan vulnerability spree(AppCan weak password\XSS\SQL injection\sensitive files leaked\weak password\file upload vulnerability collection)-vulnerability warning-the black bar safety net

Test yourself to write the discuz scan tool robustness of the time to find a backup file http://bbs. appcan. cn//config/configucenter. php. bak Use uckey getshell failure,the test has changed uckey. To continue testing,found a suspected injection point http://edu. appcan. cn/traindetailnew. html?...

7.7AI score
Exploits0
seebug.org
seebug.org
added 2016/03/28 12:0 a.m.120 views

Discuz! X2 X3多个版本无须登陆无须条件SSRF漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/08 12:0 a.m.24 views

Discuz! 后台开启广播条件下的存储型跨站脚本漏洞和ssrf漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/03 12:0 a.m.55 views

Discuz X2.5 /uc_server/control/admin/db.php 路径泄露漏洞

No description provided by source...

7.1AI score
Exploits0
Rows per page
Query Builder