edit-icon download-icon

[Vulnerability notice] Web SQL injection vulnerability in batch.common.php in Discuz! Board X

Last Updated: May 07, 2018

Description

Discuz! is an Internet forum software written in PHP, that supports MySQL and PostgreSQL databases. It is the most popular Internet forum program used in China.

The batch.common.php file of Discuz! has a web SQL injection vulnerability that may expose the website to intrusion risks.

Affected versions

Discuz! Board X

Fix

Since Discuz! Board X is no longer officially maintained, we recommend that you upgrade your Discuz! to the latest version with an immediate effect.

Thank you! We've received your feedback.