Discuz!ML v.3.X Code Injection Vulnerability
Discuz!ML v.3.X Code Injection VulnerabilityThe vulnerability was found: 2019-07-18
Common Vulnerabilities and Exposures (CVE) Database ID: CVE-2019-13956
Vulnerability Description:
Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH4_0df5_language=en to 4gH4_0df5_language=en'.phpinfo().';
(if the random prefix 4gH4_0df5_ were used).
Vulnerability Status:
Was solved 2019-11-11 in Discuz!ML v.3.4 revision 922.
How to solve the problem:
Just upgrade your Discuz!ML to the latestversion and revision!
If you can not upgrade your installation, try to modify the code manually by yourself:
1) Open file "source/class/discuz/discuz_application.php" for edit.
2) find the lines:
// set language from cookies
if($this->var['cookie']['language']) {
<div> $lng = strtolower($this->var['cookie']['language']);</div>3) Add the code below:
if(!isset($this->var['config']['languages'][$lng])) {
$lng = '';
}
4) Save the file!
5) Enjoy :)
Pages:
[1]