CVE-2008-6958

Comsenz Crossday Discuz! Board - Code Injection

Title source: rule

Description

wap/index.php in Crossday Discuz! Board 6.x and 7.x allows remote authenticated users to execute arbitrary PHP code via the creditsformula parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by 80vul · phpwebappsphp
https://www.exploit-db.com/exploits/7119

References (7)

Scores

EPSS 0.0392
EPSS Percentile 88.3%

Details

CWE
CWE-94
Status published
Products (2)
comsenz/crossday_discuz\!_board 6.0.1
comsenz/crossday_discuz\!_board 7.0
Published Aug 12, 2009
Tracked Since Feb 18, 2026