Discuz: >> Discuz! Security Vulnerabilities
SQL injection vulnerability in the JiangHu Inn plugin 1.1 and earlier for Discuz! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to forummission.php.
CVSS Score
7.5
EPSS Score
0.004
Published
2010-01-18
member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted (1) lostpasswd and (2) getpasswd actions, possibly involving predictable generation of the id parameter.
CVSS Score
7.5
EPSS Score
0.052
Published
2009-08-12