All Products
Document Center

[Vulnerability notice] Arbitrary code execution vulnerability in Discuz! upgrade/conversion tool

Last Updated: Nov 08, 2017


The Discuz! upgrade/conversion tool is a commonly used plug-in in Discuz!. This tool has a design defect that allows hackers to construct a special request to generate webshell on your website, and then get the administrator access.


Upgrade the upgrade/conversion tool to the latest version from the Discuz! official website.