Lucene search
K

573 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:24 a.m.11 views

CVE-2018-5377

Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter...

9.8CVSS7.1AI score0.02093EPSS
Exploits0References1
NVD
NVD
added 2024/04/11 5:15 a.m.30 views

CVE-2024-30884

Reflected Cross-Site Scripting XSS vulnerability in Discuz! version X3.4 20220811, allows remote attackers to execute arbitrary code and obtain sensitive information via crafted payload to the primarybegin parameter in the misc.php component...

7.1CVSS6AI score0.00526EPSS
Exploits1References1
OSV
OSV
added 2024/04/11 5:15 a.m.3 views

CVE-2024-30884

Reflected Cross-Site Scripting XSS vulnerability in Discuz! version X3.4 20220811, allows remote attackers to execute arbitrary code and obtain sensitive information via crafted payload to the primarybegin parameter in the misc.php component...

7.1CVSS6.1AI score0.00526EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/04/11 12:0 a.m.4 views

PT-2024-23656 · Discuzx · Discuzx

Name of the Vulnerable Software and Affected Versions: Discuz! version X3.4 20220811 Description: The issue is a Reflected Cross-Site Scripting XSS vulnerability, which allows remote attackers to execute arbitrary code and obtain sensitive information. This is achieved via a crafted payload to th...

7.1CVSS6.7AI score0.00526EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/04/11 12:0 a.m.5 views

Discuz! 安全漏洞

Cansheng Xintron Technology Discuz! is a community forum system based on PHP and MySQL by China's Cansheng Xintron Technology Company. A security vulnerability exists in Discuz! X3.4 version 20220811, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability that allows...

7.1CVSS6.4AI score0.00526EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/04/11 12:0 a.m.22 views

CVE-2024-30884

Reflected Cross-Site Scripting XSS vulnerability in Discuz! version X3.4 20220811, allows remote attackers to execute arbitrary code and obtain sensitive information via crafted payload to the primarybegin parameter in the misc.php component...

6.2AI score0.00526EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/04/11 12:0 a.m.16 views

CVE-2024-30884

Reflected Cross-Site Scripting XSS vulnerability in Discuz! version X3.4 20220811, allows remote attackers to execute arbitrary code and obtain sensitive information via crafted payload to the primarybegin parameter in the misc.php component...

6.3AI score0.00526EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/03/31 12:0 a.m.6 views

Discuz! X 跨站脚本漏洞

Discuz! X is a forum platform. A cross-site scripting vulnerability exists in version 3.4-20200818 and prior versions of Discuz! X. The vulnerability stems from the fact that incorrect manipulation of the uchidden parameter can lead to cross-site scripting...

4CVSS4.1AI score0.00484EPSS
Exploits0References4
OSV
OSV
added 2023/12/18 11:15 p.m.4 views

CVE-2023-49759

Cross-Site Request Forgery CSRF vulnerability in gVectors Team WooDiscuz – WooCommerce Comments.This issue affects WooDiscuz – WooCommerce Comments: from n/a through 2.3.0...

8.8CVSS5.8AI score0.0027EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/15 12:0 a.m.6 views

Discuz! 跨站脚本漏洞

Cansheng Xinchuang Technology Discuz! is a community forum system based on PHP and MySQL by Cansheng Xinchuang Technology Company in China. A security vulnerability exists in Discuz! X version 3.4, which stems from the presence of a cross-site scripting XSS vulnerability that can be exploited by ...

6.1CVSS6.4AI score0.00535EPSS
Exploits0References2
CNVD
CNVD
added 2021/01/19 12:0 a.m.5 views

SQL Injection Vulnerability in Discuz!

Discuz! is a general-purpose community forum software system. A SQL injection vulnerability exists in Discuz! An attacker can exploit the vulnerability to obtain sensitive information from the database...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/11/17 12:0 a.m.3 views

Shenzhen Tencent Computer System Co., Ltd Discuz! information leakage vulnerability

Crossday Discuz! Board Forum System referred to as Discuz! Forum is an efficient forum solution built with PHP and MySQL/Pgsql and many other databases. An information leakage vulnerability exists in Shenzhen Tencent Computer Systems Limited Discuz! An attacker can exploit this vulnerability to...

6.6AI score
Exploits0
CNVD
CNVD
added 2020/08/03 12:0 a.m.1 views

Arbitrary file deletion vulnerability in the background of Beijing Kangsheng Xinchuang Technology Co.

Discuz! is a general community forum software system launched by Beijing Kangsheng Xinchuang Technology Co. Discuz! x3.4 backend has an arbitrary file deletion vulnerability that can be exploited by an attacker to construct a packet to delete arbitrary files, possibly enabling reinstallation...

7.1AI score
Exploits0
Gitee
Gitee
added 2020/03/07 8:41 a.m.6 views

msf_module

msf-module wooyun还在的时候根据别人的审计写的一些msf插件,有几个还是挺好用的 module列表 auxiliary + zoomeye-search.rb exploits + Dswjcms-upload-wooyun-2015-0160899.rb + Lotapp-exec-wooyun-2015-0133750.rb + OEM-exec-wooyun-2010-0192732.rb + ZTE-exec-wooyun-2016-190343.rb + discuz-ssrf-wooyun-2011-0151179.rb +...

7.1AI score
Exploits0
Gitee
Gitee
added 2020/03/07 8:41 a.m.4 views

poc

This is a collection of proof-of-concept PoC exploits for various vulnerabilities, primarily targeting web applications. The PoCs are written in Python and utilize the Beebeeto framework. Here's a summary of the PoCs: 1. Discuz x3.0 /static/image/common/focus.swf Cross Site Scripting XSS POC: Thi...

7.2AI score
Exploits0
CNVD
CNVD
added 2019/08/07 12:0 a.m.3 views

X3.4 suffers from arbitrary file reading vulnerability

Discuz! is a general-purpose community forum software system. X3.4 has an arbitrary file reading vulnerability that can be exploited by attackers to read file information...

6.9AI score
Exploits0
CNVD
CNVD
added 2019/07/19 12:0 a.m.2 views

ML Code Injection Vulnerability

Discuz!ML is an open source community forum system based on the Discuz!X engine. A security vulnerability exists in Discuz!ML version 3.2 to 3.4. A remote attacker can exploit this vulnerability to execute arbitrary PHP code...

9.8CVSS7.6AI score0.04572EPSS
Exploits3References1
NVD
NVD
added 2019/07/18 6:15 p.m.33 views

CVE-2019-13956

Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH40df5language=en to 4gH40df5language=en'.phpinfo.'; if the random prefix 4gH40df5 were used...

9.8CVSS9.8AI score0.04572EPSS
Exploits3References1
Prion
Prion
added 2019/07/18 6:15 p.m.25 views

Code injection

Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH40df5language=en to 4gH40df5language=en'.phpinfo.'; if the random prefix 4gH40df5 were used...

7.5CVSS9.7AI score0.04572EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2019/07/18 5:23 p.m.30 views

CVE-2019-13956

Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH40df5language=en to 4gH40df5language=en'.phpinfo.'; if the random prefix 4gH40df5 were used...

9.8AI score0.04572EPSS
Exploits3References1
Rows per page
Query Builder