edit-icon download-icon

[Vulnerability notice] Code execution vulnerability in the Discuz! X series conversion tool

Last Updated: Nov 27, 2017

Description

The Discuz! X plug-in /utility/convert/index.php has a code execution vulnerability.

If you fail to update or delete the plug-in in a timely manner, attackers may exploit this program to directly execute code to implant a webshell.

Fix

  • Update Discuz! X to the latest version.

  • Remove the Discuz! X Series Conversion Tool from the program directory /utility.

Thank you! We've received your feedback.