Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
comsenz discuzx x3.4 vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2018-20422
Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote malicious users to bypass authentication by leveraging a non-empty #wechat#common_member_wechatmp to gain login access to an account via a plugin.php ac=wxregister request (the attacker does not have control over wh...
Comsenz Discuzx X3.4
8.1
CVSSv3
CVE-2018-20423
Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote malicious users to bypass a "disabled registration" setting by adding a non-existing wxopenid value to the plugin.php ac=wxregister query string.
Comsenz Discuzx X3.4
5.9
CVSSv3
CVE-2018-20424
Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote malicious users to delete the common_member_wechatmp data structure via an ac=unbindmp request to plugin.php.
Comsenz Discuzx X3.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started