CVE-2019-13956

CRITICAL LAB

Discuz!ML 3.2-3.4 - Remote Code Execution via Language Cookie Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-13956. PoCs published by rhbb.

AI-analyzed exploit summary The repository contains only a Docker Compose file and a minimal README with no exploit code or technical details. It sets up a Discuz ML environment but does not demonstrate or explain the vulnerability.

Description

Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH4_0df5_language=en to 4gH4_0df5_language=en'.phpinfo().'; (if the random prefix 4gH4_0df5_ were used).

Exploits (1)

nomisec STUB

by rhbb · poc

https://github.com/rhbb/CVE-2019-13956

View Code ZIP pw:eip

The repository contains only a Docker Compose file and a minimal README with no exploit code or technical details. It sets up a Discuz ML environment but does not demonstrate or explain the vulnerability.

Classification

Stub 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: Discuz ML (version unspecified)

No auth needed

Prerequisites: Docker environment

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

http://esoln.net/esoln/blog/2019/06/14/discuzml-v-3-x-code-injection-vulnerability/

Scores

CVSS v3 9.8

EPSS 0.0457

EPSS Percentile 90.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Lab Environment

COMMUNITY

Community Lab

docker pull boyhack/discuz_ml

https://github.com/rhbb/CVE-2019-13956

View in Library

Details

CWE

CWE-94

Status published

Products (1)

codersclub/discuz\!ml 3.2 - 3.4

Published Jul 18, 2019

Tracked Since Feb 18, 2026