Design/Logic Flaw

2019-05-2218:29:00

PRIOn knowledge base

www.prio-n.com

8.9 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.2%

The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code.

CPENameOperatorVersion
discuz\\!ge1.5
discuz\\!le2.5
discuz\\!ge3.0
discuz\\!le3.4

Name	Operator	Version
discuz\\!	ge	1.5
discuz\\!	le	2.5
discuz\\!	ge	3.0
discuz\\!	le	3.4

References

discuz.com

tencent.com

www.cnvd.org.cn/flaw/show/CNVD-2018-17059

github.com/FoolMitAh/CVE-2018-14729/blob/master/Discuz_backend_getshell.md