2 matches found
CVE-2017-12777
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via some parameter to usersearch.php...
CVE-2017-12777
CVE-2017-12777 is a confirmed Cross‑Site Scripting (XSS) vulnerability in NexusPHP v1.5. According to CNVD-2017-28416 and NVD details, a remote attacker can inject arbitrary web script or HTML by sending crafted parameters to the file usersearch.php, potentially affecting pages that render the vu...