NexusPHP SQL Injection Vulnerability (CNVD-2017-220459)

NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A SQL injection vulnerability exists in the takeconfirm.php file in NexusPHP version 1.5. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the 'conusr'...

CVE-2017-12908

SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter...

Sql injection

SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter...

CVE-2017-12908

NexusPHP 1.5 is affected by a SQL injection in takeconfirm.php via the conusr parameter. The root cause is an unsafe handling of input that allows remote attackers to execute arbitrary SQL commands. The CVE description and multiple connected sources confirm this vulnerability; however, the provid...

NexusPHP V1.5 suffers from SQL Injection Vulnerability

NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A SQL injection vulnerability exists in NexusPHP v1.5, due to the program cheaterbox.php file fails to strictly filter the conusr parameter. Attackers can use this vulnerability to obtain...