CVE-2008-6958

Crossday Discuz! Board 6.x-7.x - Authenticated PHP Code Execution via Credits Formula Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-6958. PoCs published by 80vul.

AI-analyzed exploit summary This exploit targets a vulnerability in Discuz! 6.x/7.x, leveraging a WAP registration flaw to inject malicious PHP code into a cache file, resulting in remote code execution (RCE). The PoC automates the process of registering a user, extracting session details, and writing a webshell to the target system.

Description

wap/index.php in Crossday Discuz! Board 6.x and 7.x allows remote authenticated users to execute arbitrary PHP code via the creditsformula parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by 80vul · phpwebappsphp

https://www.exploit-db.com/exploits/7119

View Code ZIP pw:eip

This exploit targets a vulnerability in Discuz! 6.x/7.x, leveraging a WAP registration flaw to inject malicious PHP code into a cache file, resulting in remote code execution (RCE). The PoC automates the process of registering a user, extracting session details, and writing a webshell to the target system.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Discuz! 6.x/7.x

No auth needed

Prerequisites: WAP registration enabled on the target Discuz! instance · Network access to the target server

MITRE ATT&CK