33 matches found
EUVD-2018-2371
Malware in sbrugna...
EUVD-2018-2372
Malware in sbrugna...
EUVD-2018-17110
Malware in sbrugna...
EUVD-2018-17148
Malware in sbrugna...
EUVD-2018-11153
Malware in sbrugna...
CVE-2018-5376
Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecpupload.php op parameter...
CVE-2018-5377
Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter...
CVE-2018-5375
Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecpspace.php appid parameter in a delete action...
CVE-2018-10298
Discuz! DiscuzX through X3.4 has reflected XSS via forum.php?mod=post=newthread because data/template/1diyportalview.tpl.php does not restrict the content...
Discuz! 安全漏洞
Cansheng Xintron Technology Discuz! is a community forum system based on PHP and MySQL by China's Cansheng Xintron Technology Company. A security vulnerability exists in Discuz! X3.4 version 20220811, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability that allows...
Arbitrary file deletion vulnerability in the background of Beijing Kangsheng Xinchuang Technology Co.
Discuz! is a general community forum software system launched by Beijing Kangsheng Xinchuang Technology Co. Discuz! x3.4 backend has an arbitrary file deletion vulnerability that can be exploited by an attacker to construct a packet to delete arbitrary files, possibly enabling reinstallation...
Cross-site Scripting Vulnerability in Discuz!
Discuz! is a very popular Web forum program in the Chinese community. A cross-site scripting vulnerability exists in Discuz! X3.4, which stems from the failure of admincp/admincpsetting.php and template\default\common\footer.htm to properly handle the statcode field, which can be exploited to...
Code injection
Discuz! X3.4 allows XSS via admin.php because admincp/admincpsetting.php and template\default\common\footer.htm mishandles statcode field from third-party stats code...
CVE-2018-19464
Discuz! X3.4 allows XSS via admin.php because admincp/admincpsetting.php and template\default\common\footer.htm mishandles statcode field from third-party stats code...
CVE-2018-19464
Discuz! X3.4 allows XSS via admin.php because admincp/admincpsetting.php and template\default\common\footer.htm mishandles statcode field from third-party stats code...
CVE-2018-19464
The vulnerability concerns Discuz! X3.4 where an XSS flaw can be triggered via admin.php due to improper handling of the statcode field in admincp/admincp_setting.php and template\default\common\footer.htm. The root cause is mishandling of third-party stats code, enabling injection of arbitrary w...
CVE-2018-19464
Discuz! X3.4 allows XSS via admin.php because admincp/admincpsetting.php and template\default\common\footer.htm mishandles statcode field from third-party stats code...
CVE-2018-10297
Discuz! DiscuzX through X3.4 has stored XSS via the portal.php?mod=portalcp&ac=article URI, related to mishandling of IMG elements associated with remote images...
Discuz! DiscuzX cross-site scripting vulnerability (CNVD-2018-02843)
Discuz! DiscuzX is an online forum system. A cross-site scripting vulnerability exists in Discuz! DiscuzX X3.4. A remote attacker can exploit this vulnerability by sending the 'op' parameter to the include\spacecp\spacecpupload.php file to inject arbitrary web script or HTML...
Discuz! DiscuzX cross-site scripting vulnerability (CNVD-2018-02842)
Discuz! DiscuzX is an online forum system. A cross-site scripting vulnerability exists in Discuz! DiscuzX X3.4. A remote attacker can exploit this vulnerability by sending the 'appid' parameter to the include\spacecp\spacecpspace.php file to inject arbitrary Web script or HTML...