Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-30884 | 1 Discuz | 1 Discuzx | 2025-06-17 | N/A | 7.1 HIGH |
| Reflected Cross-Site Scripting (XSS) vulnerability in Discuz! version X3.4 20220811, allows remote attackers to execute arbitrary code and obtain sensitive information via crafted payload to the primarybegin parameter in the misc.php component. | |||||
| CVE-2022-45543 | 1 Discuz | 1 Discuzx | 2025-03-19 | N/A | 6.1 MEDIUM |
| Cross site scripting (XSS) vulnerability in DiscuzX 3.4 allows attackers to execute arbitrary code via the datetline, title, tpp, or username parameters via the audit search. | |||||
| CVE-2018-5377 | 1 Discuz | 1 Discuzx | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter. | |||||
| CVE-2018-5376 | 1 Discuz | 1 Discuzx | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_upload.php op parameter. | |||||
| CVE-2018-5375 | 1 Discuz | 1 Discuzx | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_space.php appid parameter in a delete action. | |||||
| CVE-2018-5331 | 1 Discuz | 1 Discuzx | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Discuz! DiscuzX X3.4 has XSS via the view parameter to include/space/space_poll.php, as demonstrated by a mod=space do=poll request to home.php. | |||||
| CVE-2018-5259 | 1 Discuz | 1 Discuzx | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Discuz! DiscuzX X3.4 allows remote authenticated users to bypass intended attachment-deletion restrictions via a modified aid parameter. | |||||
| CVE-2018-10298 | 1 Discuz | 1 Discuzx | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Discuz! DiscuzX through X3.4 has reflected XSS via forum.php?mod=post&action=newthread because data/template/1_diy_portal_view.tpl.php does not restrict the content. | |||||
| CVE-2018-10297 | 1 Discuz | 1 Discuzx | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Discuz! DiscuzX through X3.4 has stored XSS via the portal.php?mod=portalcp&ac=article URI, related to mishandling of IMG elements associated with remote images. | |||||