Discuz!ML v.3.X Code Injection Vulnerability

Post time: 2019-11-30 22:09

The vulnerability was found: 2019-07-18
Common Vulnerabilities and Exposures (CVE) Database ID: CVE-2019-13956

Vulnerability Description:

Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH4_0df5_language=en to 4gH4_0df5_language=en'.phpinfo().'; (if the random prefix 4gH4_0df5_ were used).

Vulnerability Status:

Fixed on 2019-11-11 in Discuz!ML v.3.4 revision 922.

How to solve the problem:

Just upgrade your Discuz!ML to the latest version and revision!

If you cannot upgrade your installation, patch the code manually:

1) Open the file "source/class/discuz/discuz_application.php" for editing.
2) Find the lines:

        // set language from cookies
        if($this->var['cookie']['language']) {
            $lng = strtolower($this->var['cookie']['language']);

3) Add the code below after those lines:

            if(!isset($this->var['config']['languages'][$lng])) {
                $lng = '';
            }

   This check discards the cookie value unless it is one of the keys in the configured languages list, so only a known language code can reach the rest of the code.
4) Save the file!

5) Enjoy
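
The same allowlist rule can be applied on the detection side to find requests that carried a tampered language cookie. The script below is an added example, not part of the original post or of Discuz!ML; the configured language set, the other cookie names and the sample requests are constructed assumptions.

```python
from urllib.parse import unquote

# Assumption: language codes configured for this forum (the keys of
# $_config['languages']); replace with the values from your install.
CONFIGURED_LANGUAGES = {"en", "ru", "de"}


def parse_cookie_header(header):
    """Split a raw Cookie header into (name, raw_value) pairs."""
    pairs = []
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name:
            pairs.append((name, value))
    return pairs


def check_language_cookie(header, allowed=CONFIGURED_LANGUAGES):
    """Return the language cookies whose value is not a configured language.

    The cookie name has a per-site random prefix (4gH4_0df5_ in the
    advisory), so the match is on the "language" suffix only.
    """
    findings = []
    for name, raw in parse_cookie_header(header):
        if name != "language" and not name.endswith("_language"):
            continue
        lng = unquote(raw).lower()  # PHP URL-decodes cookies; the patch lowercases
        if lng and lng not in allowed:
            findings.append((name, raw))
    return findings


def scan(records):
    """records: iterable of (client, cookie_header); return flagged requests."""
    flagged = []
    for client, header in records:
        for name, raw in check_language_cookie(header):
            flagged.append((client, name, raw))
    return flagged


# Constructed sample requests (documentation addresses, not real traffic).
SAMPLE_REQUESTS = [
    ("192.0.2.10", "4gH4_0df5_sid=a1B2c3; 4gH4_0df5_language=en"),
    ("192.0.2.11", "4gH4_0df5_language=RU; 4gH4_0df5_lastvisit=1574000000"),
    ("198.51.100.7", "4gH4_0df5_language=en'.phpinfo().'; 4gH4_0df5_sid=x9Y8z7"),
    ("198.51.100.7", "4gH4_0df5_language=en%27.phpinfo().%27"),
]

if __name__ == "__main__":
    for client, name, raw in scan(SAMPLE_REQUESTS):
        print(f"{client}: {name} carries a non-configured value: {raw!r}")
```

Feed it the Cookie headers from your web server or WAF logs; any hit on an unpatched installation is a reason to review that client's requests.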

