CVE-2018-14729

HIGH

Discuz! <3.4 - RCE

Title source: llm

The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code.

nomisec STUB 1 stars

by c0010 · poc

inthewild

poc

CVSS v3 8.8

EPSS 0.5723

EPSS Percentile 98.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-20

Status published

Products (1)

comsenz/discuz\! 1.5 - 2.5

Published May 22, 2019

Tracked Since Feb 18, 2026