254 matches found
Cross site scripting
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via the q parameter to searchsuggest.php...
CVE-2017-12798
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via the q parameter to searchsuggest.php...
CVE-2017-12798
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via the q parameter to searchsuggest.php...
CVE-2017-12798
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via the q parameter to searchsuggest.php...
CVE-2017-12798
CVE-2017-12798 concerns a Cross-Site Scripting (XSS) vulnerability in NexusPHP version 1.5, exploitable via the q parameter to searchsuggest.php. The Red Hat, CNVD, NVD, and other connected records consistently describe a reflected/online XSS risk originating from unsanitized input in the q param...
NexusPHP Cross-Site Scripting Vulnerability (CNVD-2017-28416)
NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A cross-site scripting vulnerability exists in NexusPHP v1.5. A remote attacker can inject arbitrary web script or HTML by sending parameters to the usersearch.php file to exploit the...
CVE-2017-12777
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via some parameter to usersearch.php...
CVE-2017-12777
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via some parameter to usersearch.php...
Cross site scripting
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via some parameter to usersearch.php...
CVE-2017-12777
CVE-2017-12777 is a confirmed Cross‑Site Scripting (XSS) vulnerability in NexusPHP v1.5. According to CNVD-2017-28416 and NVD details, a remote attacker can inject arbitrary web script or HTML by sending crafted parameters to the file usersearch.php, potentially affecting pages that render the vu...
CVE-2017-12777
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via some parameter to usersearch.php...
NexusPHP Cross-Site Scripting Vulnerability
NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A cross-site scripting vulnerability exists in the 'query' parameter of the log.php file in NexusPHP version 1.5. A remote attacker can exploit this vulnerability to inject arbitrary Web script ...
NexusPHP v1.5 cheaterbox.php file has SQL injection vulnerability
NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. NexusPHP v1.5 cheaterbox.php file delcheater parameter exists SQL injection vulnerability, an attacker can use the vulnerability to obtain database sensitive information...
CVE-2017-12655
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via the query parameter to log.php in a dailylog action...
CVE-2017-12655
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via the query parameter to log.php in a dailylog action...
Cross site scripting
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via the query parameter to log.php in a dailylog action...
CVE-2017-12655
Cross-Site Scripting XSS exists in NexusPHP version v1.5 via the query parameter to log.php in a dailylog action...
CVE-2017-12655
NexusPHP 1.5 is affected by a Cross-Site Scripting (XSS) vulnerability in log.php, dailylog action, exploitable via the query parameter. The vulnerability allows injection of Web script/HTML and, per CVE data, has PII-impacting integrity (I) but no confidentiality or availability impacts reported...
NexusPHP Cross-Site Scripting Vulnerability (CNVD-2017-26595)
NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A cross-site scripting vulnerability exists in NexusPHP version 1.5. A remote attacker can use the javascript: or data: URL in the UBBCode url tag to inject arbitrary web script or HTML...
Design/Logic Flaw
NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url tag...