25 matches found
CVE-2018-14729
The database backup feature in upload/source/admincp/admincpdb.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code...
EUVD-2018-2371
Malware in sbrugna...
EUVD-2018-12979
Malware in sbrugna...
EUVD-2018-17149
Malware in sbrugna...
CVE-2025-7803
A vulnerability was found in descreekert wx-discuz up to 12bd4745c63ec203cb32119bf77ead4a923bf277. It has been classified as problematic. This affects the function validToken of the file /wx.php. The manipulation of the argument echostr leads to cross site scripting. It is possible to initiate th...
PT-2025-30090 · Wx-Discuz · Wx-Discuz
Name of the Vulnerable Software and Affected Versions: descreekert wx-discuz versions prior to 12bd4745c63ec203cb32119bf77ead4a923bf277 Description: A vulnerability exists in the validToken function of the /wx.php file. Manipulation of the echostr argument can lead to cross-site scripting. The...
CVE-2024-30884
Reflected Cross-Site Scripting (XSS) vulnerability in Discuz! version X3.4 20220811 allows remote attackers to execute arbitrary code and obtain sensitive information via crafted payload to the primarybegin parameter in the misc.php component...
Discuz 7.2 website path disclosure vulnerability
No description provided by source...
Discuz 3.2 /static/js/bbcode.js cross-site scripting vulnerability
No description provided by source...
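Discuz! XXE can corrupt the database structure, allowing dirty data to enter
Brief description: Discuz! XXE can corrupt the database structure, allowing dirty data to enter....... DZ is really extreme, it even filters quotation marks, damn, so I could only take the analysis this far, but I have a vague feeling that there is a big risk here, because it changes the system template style. Posting this as a freebie first; have a look for yourselves. Details: First, let's look at the file: portalcpdiy.php(lines:301-324): if (submitcheck('importsubmit')) { $isinner = false; $filename = ''; if ($_POST['importfilename']) { $filename =...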
Discuz 5.x/6.x/7.x poll SQL injection analysis - vulnerability warning - the black bar safety net
Look at the clouds someone proof this vulnerability: Feel should be the editpost.inc.php in the voting vulnerabilities. Because dz has been determined no longer to patch 7.x previous vulnerability, so directly attached to the details. The problem is in the editpost.inc.php 281 line of...
Crossday Discuz! 2.0/3.0 Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9584/info It has been reported that Discuz! is prone to a Cross Site Scripting vulnerability. This issue is caused by the application failing to properly sanitize links embedded within user messages. Upon successful...
About SSV-ID: 4474 POC analysis and reflection - vulnerability warning - the black bar safety net
SSV-ID: 4474 SSV-AppDir: Discuz! Vulnerability Published: 2008-11-21 GMT+0800 URL: http://sebug.net/vuldb/ssvid-4474 A very old vulnerability, just as the study of penetration of a material of the bale, with its poc, the direct can be used, it feel so magical at the same time want to analyz...
Discuz 2.x-3.x tasteless through the kill injection vulnerability - vulnerability warning - the black bar safety net
The first description of this things of little value, test pass to kill 2.x-3.x, the following version didn't see the specific use of the method I also did not go to research, at most, mysql has file privilege when you can getshell, of course, discuz still a lot of places have issues, this is n...
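Discuz! demo site cross-site scripting vulnerability
Brief description: It has existed since last year and has still not been fixed... what a tragedy... Details: Proof of vulnerability: http://www.discuz.org/ucserver/admin.php?m=user&a=login&iframe=%22%3E%3Cscript%3Ealert%28/insafe/%29%3C/script%3E...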
Discuz! The latest to get Webshell method, test possible - vulnerability warning - the black bar safety net
Discuz! The latest to get Webshell method, the test feasible Inadvertently invaded the game's official website, can not get Webshell, the depressed found that there is a Discuz! Forum, immediately according to have to get the password of social workers, Oh, and actually successfully into the...
Discuz! Cross Site Scripting
hi; All versions of Discuz! have the cross-site vulnerabilities because of the export value of "$referer". Like: Discuz! 7.X Discuz! 6.X Discuz! 5.X Discuz!NT 3.X and so on. There are some htm pages in all versions of Discuz!, that are: /templates/default/attachpay.htm /templates/default/ecrate.h...
Discuz v1.0 XSS Vulnerability
No description provided by source. Title : Discuz Cross Site Scripting Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...
Discuz! 7.0 and below the version background get a webshell without founder - vulnerability warning - the black bar safety net
Author: oldjun I rarely care about such vulnerability, it has been rarely take the stand, and encounters a DZ more just passing through, also did not go too much care about the DZ's vulnerability or to study the code; shortly before the Forum is left a shell, I check half a day, but since met, it...
Discuz! 6.x/7.x SODB-2008-13 Exp - vulnerability warning - the black bar safety net
#!/usr/bin/php <?php /* Discuz! 6.x/7.x SODB-2008-13 Exp By www.80vul.com notes the value of the variable, add your own to modify */ $host = 'www.80vul.com'; // Server domain or IP $path = '/discuz/'; // Where the program path $key = 0; // The above variable is edited, make will the value her...