Discuz!ML v.3.X Code Injection Vulnerability

Post time: 2019-11-30 22:09
Vulnerability found: 2019-07-18
Common Vulnerabilities and Exposures (CVE) Database ID: CVE-2019-13956

Vulnerability Description:

Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH4_0df5_language=en to 4gH4_0df5_language=en'.phpinfo().'; (if the random prefix 4gH4_0df5_ were used).

Vulnerability Status:

Fixed on 2019-11-11 in Discuz!ML v.3.4, revision 922.

How to solve the problem:

Just upgrade your Discuz!ML to the latest version and revision!

If you cannot upgrade your installation, you can patch the code manually:

1) Open the file "source/class/discuz/discuz_application.php" for editing.
2) Find the lines:

        // set language from cookies
        if($this->var['cookie']['language']) {
            $lng = strtolower($this->var['cookie']['language']);

3) Add the code below directly after them:

            // accept only languages defined in the configuration
            if(!isset($this->var['config']['languages'][$lng])) {
                $lng = '';
            }

4) Save the file!

5) Enjoy
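
A log-side counterpart to the manual patch above, added here as an example (it is not part of the original post or of Discuz!ML): it applies the same test as the patch, lowercasing the language cookie and requiring it to be a configured language, to captured Cookie headers. The request format, the sample data and the ALLOWED_LANGUAGES set are assumptions.

```python
from urllib.parse import unquote

# Assumption: the language keys configured on this board, i.e. the keys the
# patch looks up in $this->var['config']['languages']. Constructed values.
ALLOWED_LANGUAGES = {"en", "ru", "sc"}

def parse_cookie_header(header):
    """Split a raw Cookie header into (name, url-decoded value) pairs."""
    pairs = []
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep:
            pairs.append((name, unquote(value)))
    return pairs

def suspicious_language_cookies(header, allowed=ALLOWED_LANGUAGES):
    """Return language cookies whose value is not a configured language.

    The cookie prefix is random per installation, so match on the
    "_language" suffix. Empty values are skipped, as the PHP code skips them.
    """
    hits = []
    for name, value in parse_cookie_header(header):
        if name.endswith("_language") and value and value.lower() not in allowed:
            hits.append((name, value))
    return hits

# Constructed sample requests: (client address, raw Cookie header).
SAMPLE_REQUESTS = [
    ("203.0.113.5", "4gH4_0df5_language=en; 4gH4_0df5_sid=abc123"),
    ("203.0.113.9", "4gH4_0df5_language=en'.phpinfo().';"),
    ("203.0.113.9", "4gH4_0df5_language=en%27.phpinfo().%27"),  # URL-encoded form
    ("198.51.100.2", "4gH4_0df5_language=RU"),  # valid after lowercasing
]

def scan(requests):
    """Return (client, (cookie name, decoded value)) for every flagged cookie."""
    return [(ip, hit) for ip, hdr in requests
            for hit in suspicious_language_cookies(hdr)]

if __name__ == "__main__":
    for ip, (name, value) in scan(SAMPLE_REQUESTS):
        print(f"{ip}: {name}={value!r}")
```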
