Vulnerability Details CVE-2008-6958
wap/index.php in Crossday Discuz! Board 6.x and 7.x allows remote authenticated users to execute arbitrary PHP code via the creditsformula parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.039
EPSS Ranking 87.8%
CVSS Severity
CVSS v2 Score 6.5
References
- http://osvdb.org/50202
- http://secunia.com/advisories/32731
- http://www.80vul.com/dzvul/sodb/13/dz-exp-sodb-2008-13_php.htm
- http://www.discuz.net/archiver/?tid-1112426.html
- http://www.securityfocus.com/bid/32303
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46644
- https://www.exploit-db.com/exploits/7119
- http://osvdb.org/50202
- http://secunia.com/advisories/32731
- http://www.80vul.com/dzvul/sodb/13/dz-exp-sodb-2008-13_php.htm
- http://www.discuz.net/archiver/?tid-1112426.html
- http://www.securityfocus.com/bid/32303
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46644
- https://www.exploit-db.com/exploits/7119
Products affected by CVE-2008-6958
-
cpe:2.3:a:comsenz:crossday_discuz!_board:6.0.1
-
cpe:2.3:a:comsenz:crossday_discuz!_board:7.0