17 matches found
EUVD-2004-0254
Malware in sbrugna...
EUVD-2008-6916
Malware in sbrugna...
EUVD-2008-6917
Malware in sbrugna...
Discuz! Board X /batch.common.php SQL注入漏洞
No description provided by source...
Discuz anti-injection function to bypass the method of analysis and useless heart repair patches-vulnerability warning-the black bar safety net
discuzdescription: Crossday Discuz! Board, hereinafter referred to as Discuz!, the China National copyright Bureau copyright registration No. 2006SR11895 is Kang Sheng Chong thinkBeijingTechnology Co., Ltd. (abbreviation Comsenz launch of a common set of community forums software system, the user...
CVE-2008-6958
wap/index.php in Crossday Discuz! Board 6.x and 7.x allows remote authenticated users to execute arbitrary PHP code via the creditsformula parameter...
Design/Logic Flaw
member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted 1 lostpasswd and 2 getpasswd actions, possibly involving predictable generation of the id parameter...
Code injection
wap/index.php in Crossday Discuz! Board 6.x and 7.x allows remote authenticated users to execute arbitrary PHP code via the creditsformula parameter...
CVE-2008-6957
member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted 1 lostpasswd and 2 getpasswd actions, possibly involving predictable generation of the id parameter...
CVE-2008-6958
CVE-2008-6958 affects Crossday Discuz! Board 6.x and 7.x. The vulnerability resides in wap/index.php where remote authenticated users can execute arbitrary PHP code via the creditsformula parameter. Evidence in multiple feeds confirms the issue and its description; no explicit mitigation or patch...
CVE-2008-6957
CVE-2008-6957 affects Crossday Discuz! Board (member.php) and allows remote attackers to reset passwords of arbitrary users via crafted lostpasswd and getpasswd actions, potentially due to predictable generation of the id parameter. The vulnerability is network-exposed with low attack complexity ...
CVE-2008-6957
member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted 1 lostpasswd and 2 getpasswd actions, possibly involving predictable generation of the id parameter...
CVE-2004-0254
Cross-site scripting XSS vulnerability in Discuz! Board 2.x and 3.x allows remote attackers to execute arbitrary script as other users via an img tag...
CVE-2004-0254
Cross-site scripting XSS vulnerability in Discuz! Board 2.x and 3.x allows remote attackers to execute arbitrary script as other users via an img tag...
CVE-2004-0254
CVE-2004-0254 describes a cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x that allows a remote attacker to execute arbitrary script as other users via an img tag. The NVD entry lists a base score of 6.8 (Medium) with Network attack vector, no authentication, and partial impa...
Possible Cross Site Scripting in Discuz! Board
Advisory Name:Possible Cross Site Scripting in Discuz! Board Release Date: Feb 5,2004 Application: Discuz! Board Version Affected: 2.x , 3.x Platform: PHP Severity: Low Discover: Cheng Peng Suapplesoupatmsn.com Vendor URL: http://www.discuz.com/ Proof Of Concept: A thread including:...
discuz.txt
Advisory Name:Possible Cross Site Scripting in Discuz! Board Release Date: Feb 5,2004 Application: Discuz! Board Version Affected: 2.x , 3.x Platform: PHP Severity: Low Discover: Cheng Peng Suapplesoupatmsn.com Vendor URL: http://www.discuz.com/ Proof Of Concept: A thread including:...