CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

CNVD•added 2017/09/13 12:0 a.m.•1 views

NexusPHP Cross-Site Scripting Vulnerability (CNVD-2017-30114)

NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A cross-site scripting vulnerability exists in NexusPHP version 1.5.beta5.20120707. A remote attacker can exploit this vulnerability by sending the 'returnto' parameter to the fun.php file durin...

6.1CVSS6.1AI score0.0024EPSS

Exploits1References1

Prion•added 2017/09/12 7:29 p.m.•17 views

Design/Logic Flaw

NexusPHP 1.5.beta5.20120707 has XSS in the returnto parameter to fun.php in a delete action...

4.3CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

OSV•added 2017/09/12 7:29 p.m.•1 views

CVE-2017-14347

NexusPHP 1.5.beta5.20120707 has XSS in the returnto parameter to fun.php in a delete action...

6.1CVSS5.8AI score0.0024EPSS

Exploits1References1

NVD•added 2017/09/12 7:29 p.m.•8 views

CVE-2017-14347

NexusPHP 1.5.beta5.20120707 has XSS in the returnto parameter to fun.php in a delete action...

6.1CVSS6AI score0.0024EPSS

Exploits1References1

CVE•added 2017/09/12 7:0 p.m.•45 views

CVE-2017-14347

NexusPHP 1.5.beta5.20120707 is affected by an XSS vulnerability in the returnto parameter of fun.php during a delete action. Descriptions in CVE records and CNVD/NVD references indicate the issue allows script injection in NexusPHP’s admin-facing flow, with CNVD noting potential to obtain the adm...

6.1CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1