254 matches found
CVE-2017-14069
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the usernw array parameter to nowarn.php...
CVE-2017-14069
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the usernw array parameter to nowarn.php...
CVE-2017-14070
The CVE-2017-14070 entry describes a Cross Site Scripting (XSS) vulnerability in NexusPHP 1.5.beta5.20120707. The issue arises via PATH_INFO to ipsearch.php and is related to PHP_SELF. Multiple sources (NVD, Red Hat, CNVD, CNVD-derived entries) confirm the affected software and the vulnerability ...
CVE-2017-14069
CVE-2017-14069 affects NexusPHP 1.5.beta5.20120707. The root cause is a SQL Injection in the usernw parameter of nowarn.php, allowing a remote attacker to execute arbitrary SQL commands. Public records in CNVD-2017-30775 corroborate the vulnerability details and impact. The connected documents do...
CVE-2017-14070
Cross Site Scripting XSS exists in NexusPHP 1.5.beta5.20120707 via the PATHINFO to ipsearch.php, related to PHPSELF...
NexusPHP cheaterbox.php file SQL injection vulnerability
NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A SQL injection vulnerability exists in NexusPHP version 1.5.beta5.20120707. A remote attacker can exploit this vulnerability by sending the 'delcheater' parameter to the cheaterbox.php file to...
NexusPHP staffbox.php File SQL Injection Vulnerability
NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A SQL injection vulnerability exists in NexusPHP version 1.5.beta5.20120707. A remote attacker can exploit this vulnerability by sending the 'setanswered' parameter to the staffbox.php file to...
CVE-2017-12679
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php...
Sql injection
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php...
Sql injection
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php...
CVE-2017-13669
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php...
CVE-2017-13669
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php...
CVE-2017-12679
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php...
CVE-2017-12679
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php...
CVE-2017-13669
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php...
CVE-2017-12679
NexusPHP 1.5.beta5.20120707 is affected by a SQL injection in cheaterbox.php via the delcheater parameter. The vulnerability allows a remote attacker to send the delcheater parameter to cheaterbox.php to execute arbitrary SQL commands. The CVE description and CNVD entry confirm the affected produ...
CVE-2017-13669
CVE-2017-13669 affects NexusPHP 1.5.beta5.20120707, with a SQL injection via the setanswered parameter to staffbox.php. The vulnerability allows an attacker to execute arbitrary SQL commands remotely. CVSS data indicate a high/critical impact (C, I, A all high) and network access with no authenti...
NexusPHP forummanage.php file SQL Injection Vulnerability
NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A SQL injection vulnerability exists in the NexusPHP forummanage.php file, which allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or...
Sql injection
NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an addforum action...
CVE-2017-12981
NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an addforum action...