51 matches found
EUVD-2017-5850
Malware in sbrugna...
EUVD-2017-4315
Malware in sbrugna...
EUVD-2017-6761
Malware in sbrugna...
EUVD-2017-4434
Malware in sbrugna...
CVE-2017-15305
XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php...
SUSE CVE-2017-12792
Multiple cross-site request forgery CSRF vulnerabilities in NexusPHP 1.5 allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 linkname, 2 url, or 3 title parameter in an add action to linksmanage.php...
CVE-2020-24769
SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the classes parameter...
CVE-2020-24770
SQL injection vulnerability in modrules.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the classes parameter...
Sql injection
SQL injection vulnerability in modrules.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2020-24769
NexusPHP 1.5 is vulnerable to SQL injection via takeconfirm.php, parameter 'classes'. Exploitation allows remote attackers to execute arbitrary SQL commands. This is the explicit vulnerability described across CVE-2020-24769 records (NVD, Red Hat, CNVD, CVE list, OSV, CNVD/CNNVD mirrors). Connect...
CVE-2020-24769
SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the classes parameter...
Cross site scripting
XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php...
CVE-2017-15305
XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php...
CVE-2017-14534
Cross Site Scripting XSS exists in NexusPHP 1.5.beta5.20120707 via the PATHINFO to location.php, related to PHPSELF...
CVE-2017-14534
NVD and multiple public feeds confirm CVE-2017-14534 affects NexusPHP 1.5.beta5.20120707. The vulnerability is a Cross Site Scripting (XSS) flaw exploitable via PATH_INFO to location.php, related to PHP_SELF. Impact is limited to partial integrity impact with no confidentiality/availability effec...
CVE-2017-12838
Cross-site request forgery CSRF vulnerability in NexusPHP 1.5 allows remote attackers to hijack the authentication of users for requests that 1 send manas via a request to mybonus.php or 2 add administrators via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in NexusPHP 1.5 allows remote attackers to hijack the authentication of users for requests that 1 send manas via a request to mybonus.php or 2 add administrators via unspecified vectors...
CVE-2017-12838
Cross-site request forgery CSRF vulnerability in NexusPHP 1.5 allows remote attackers to hijack the authentication of users for requests that 1 send manas via a request to mybonus.php or 2 add administrators via unspecified vectors...
CVE-2017-12838
NexusPHP 1.5 is affected by a CSRF vulnerability (CVE-2017-12838) that allows remote attackers to hijack user authentication for requests targeting mybonus.php or to add administrator accounts. The issue is confirmed across multiple sources (NVD/CNVD/PRION entries) and is described as a cross‑sit...