RSS   Vulnerabilities for 'Discuz'   RSS

2005-08-17
 
CVE-2005-2614

 

 
Discuz! 4.0 rc4 does not properly restrict types of files that are uploaded to the server, which allows remote attackers to execute arbitrary commands via a filename containing ".php.rar" or other multiple extensions that include .php.

 
2004-11-23
 
CVE-2004-0254

 

 
Cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x allows remote attackers to execute arbitrary script as other users via an img tag.

 

 >>> Vendor: Crosscom olicom 2 Products
Xlt-f
Discuz


Copyright 2024, cxsecurity.com

 

Back to Top