• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

Discuz

CVE-2008-6957

February 26, 2023 by

member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted (1) lostpasswd and (2) getpasswd actions, possibly involving predictable generation of the id parameter.

CVE-2018-5375

February 26, 2023 by

Discuz! DiscuzX X3.4 has XSS via the includespacecpspacecp_space.php appid parameter in a delete action.

CVE-2018-5376

February 26, 2023 by

Discuz! DiscuzX X3.4 has XSS via the includespacecpspacecp_upload.php op parameter.

CVE-2018-5377

February 26, 2023 by

Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiverindex.php action parameter.

CVE-2018-5331

February 26, 2023 by

Discuz! DiscuzX X3.4 has XSS via the view parameter to include/space/space_poll.php, as demonstrated by a mod=space do=poll request to home.php.

CVE-2018-5259

February 26, 2023 by

Discuz! DiscuzX X3.4 allows remote authenticated users to bypass intended attachment-deletion restrictions via a modified aid parameter.

  • Go to page 1
  • Go to page 2
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE