Vulnerabilities > Discuz
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-12 | CVE-2008-6957 | Permissions, Privileges, and Access Controls vulnerability in Discuz Discuz! member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted (1) lostpasswd and (2) getpasswd actions, possibly involving predictable generation of the id parameter. | 7.5 |
| 2006-10-27 | CVE-2006-5561 | SQL Injection vulnerability in Discuz GBK 5.0.0 SQL injection vulnerability in admincp.php in Discuz! GBK 5.0.0 allows remote attackers to execute arbitrary SQL commands via the cdb_auth cookie. | 7.5 |