vendor:
Discuz!
by:
www.80vul.com
9.3
CVSS
HIGH
Remote Code Execution
78
CWE
Product Name: Discuz!
Affected Version From: 6.x/7.x
Affected Version To: 6.x/7.x
Patch Exists: YES
Related CWE: CVE-2008-13
CPE: a:discuz:discuz
Metasploit:
https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb08-13-CVE-2008-2042/, https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb08-13-CVE-2007-5666/, https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb08-13-CVE-2007-5663/, https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb08-13-CVE-2007-5659/, https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb08-13-CVE-2008-0726/, https://www.rapid7.com/db/vulnerabilities/mozilla-seamonkey-cve-2008-0416/, https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb08-13-CVE-2008-0667/, https://www.rapid7.com/db/vulnerabilities/mfsa2008-13-cve-2008-0416/, https://www.rapid7.com/db/vulnerabilities/mozilla-thunderbird-cve-2008-0416/, https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb08-13-CVE-2008-0655/
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: None
2008
Discuz! 6.x/7.x SODB-2008-13 Exp
Discuz! 6.x/7.x is vulnerable to a remote code execution vulnerability. An attacker can exploit this vulnerability by sending a crafted POST request to the vulnerable server. This will allow the attacker to execute arbitrary code on the vulnerable server.
Mitigation:
Upgrade to the latest version of Discuz! 6.x/7.x