Discuz4 has the SQL injection vulnerability. Members can escalate permissions.

Vulnerability Type: SQL Injection

Hazard level: high

Involved version: Discuz! 4.0.0 Discuz! 4.1.0

Vulnerability description

Because Discuz! Without strict data filtering, users can use special tools to forge illegal data and inject SQL statements to obtain forum administrator privileges.

Although PHP is only limited to the server environment of PHP5, it passes through Freediscuz! Team members tested that PHP4 users were also threatened by this vulnerability and also threatened PHPWIND Forum programs. Remind forum administrators to fix vulnerabilities as soon as possible.

Tested, the following Discuz! Users are not affected by this vulnerability. users who have used patch 0801 are not affected. Discuz is newly installed! Users of _ 4.1.0 _ SC _GBK 0810 FD patch version and Lite Beta 2 are not affected, Discuz! 5.0 RC1 and RC2 users are not affected.

Repair Methods

Upgrade the forum to Discuz as soon as possible! 5.0 RC2.

For users who do not want to upgrade the Forum, please use the Discuz published on this site! 4.1.0 patch.

All new installation users can download Discuz! 5.0 RC2 or Discuz! _ 4.1.0 _ SC _GBK 0810 FD patch.

Remarks

The vulnerability is a high-risk security vulnerability that involves a large number of users. To ensure the security and interests of most users, we decided not to publish a manual method to fix the vulnerability, to avoid being used by others. Freediscuz will not disclose specific attack methods and vulnerability details. If you are interested, do not harass Freediscuz Team members.