CVE-2018-10297

Discuz! DiscuzX through X3.4 has stored XSS via the portal.php?mod=portalcp&ac=article URI, related to mishandling of IMG elements associated with remote images...

DiscuzX1.5 门户管理权限SQL注入漏洞

简要描述： DiscuzX1.5 门户管理权限SQL注入漏洞 详细说明： DiscuzX1.5 门户管理权限SQL注入漏洞 详细说明： source\include\portalcp\portalcparticle.php //90行 if$G'gpconver' $converfiles = unserializestripcslashes$G'gpconver'; $setarr'pic' = $converfiles'pic'; $setarr'thumb' = $converfiles'thumb'; $setarr'remote' = $converfiles'remote';...

DiscuzX1.5 有权限SQL注入BUG

简要描述： DiscuzX1.5 有权限SQL注入BUG 详细说明： source\include\portalcp\portalcparticle.php //90行 if$G'gpconver' $converfiles = unserializestripcslashes$G'gpconver'; $setarr'pic' = $converfiles'pic'; $setarr'thumb' = $converfiles'thumb'; $setarr'remote' = $converfiles'remote'; 可以看出变量 $converfiles 没有...