4 matches found
CVE-2017-14534
NVD and multiple public feeds confirm CVE-2017-14534 affects NexusPHP 1.5.beta5.20120707. The vulnerability is a Cross Site Scripting (XSS) flaw exploitable via PATH_INFO to location.php, related to PHP_SELF. Impact is limited to partial integrity impact with no confidentiality/availability effec...
CVE-2017-14076
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id parameter to linksmanage.php in an editlink action...
CVE-2017-14069
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the usernw array parameter to nowarn.php...
CVE-2017-14070
The CVE-2017-14070 entry describes a Cross Site Scripting (XSS) vulnerability in NexusPHP 1.5.beta5.20120707. The issue arises via PATH_INFO to ipsearch.php and is related to PHP_SELF. Multiple sources (NVD, Red Hat, CNVD, CNVD-derived entries) confirm the affected software and the vulnerability ...