Vulnerabilities (CVE)

Filtered by vendor Comsenz Subscribe
Filtered by product Discuz\!
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-14729 1 Comsenz 1 Discuz\! 2024-11-21 9.0 HIGH 8.8 HIGH
The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code.
CVE-2009-3185 1 Comsenz 2 Crazy Star Plugin, Discuz\! 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in plugin.php in the Crazy Star plugin 2.0 for Discuz! allows remote authenticated users to execute arbitrary SQL commands via the fmid parameter in a view action.