CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

101 matches found

CVE•added 2017/08/18 4:0 p.m.•50 views

CVE-2017-12680

Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type parameter to shoutbox.php. The description indicates the vulnerability arises from input handling for the type parameter, enabling script injection. Affected software is NexusPHP 1.5 (PHP-based resource sharing software). This CVE is ...

6.1CVSS5.9AI score0.0024EPSS

Exploits1References2Affected Software1

Prion•added 2017/08/17 8:29 p.m.•14 views

Sql injection

SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter...

7.5CVSS9.9AI score0.00487EPSS

Exploits1References1Affected Software1

OSV•added 2017/08/17 8:29 p.m.•1 views

CVE-2017-12907

Cross-Site Scripting XSS exists in NexusPHP version v1.5 via the url path to usersearch.php...

6.1CVSS5.8AI score

Exploits0References1

NVD•added 2017/08/17 8:29 p.m.•14 views

CVE-2017-12908

SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter...

9.8CVSS10AI score0.00487EPSS

Exploits1References1

CVE•added 2017/08/17 8:0 p.m.•46 views

CVE-2017-12907

The CVE-2017-12907 entry describes a Cross-Site Scripting (XSS) vulnerability in NexusPHP version 1.5 that is exploitable via the URL path to usersearch.php. The Connected documents corroborate NexusPHP 1.5 as affected, with the issue located in the usersearch.php path. There are no details here ...

6.1CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

Cvelist•added 2017/08/17 8:0 p.m.•22 views

CVE-2017-12909

SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter...

10AI score0.00487EPSS

Exploits1References1

Prion•added 2017/08/10 6:29 p.m.•29 views

Cross site scripting

Cross-Site Scripting XSS exists in NexusPHP version v1.5 via the q parameter to searchsuggest.php...

4.3CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

NVD•added 2017/08/10 6:29 p.m.•21 views

CVE-2017-12798

Cross-Site Scripting XSS exists in NexusPHP version v1.5 via the q parameter to searchsuggest.php...

6.1CVSS6AI score0.0024EPSS

Exploits1References1

ATTACKERKB•added 2017/08/10 6:29 p.m.•2 views

CVE-2017-12798

Cross-Site Scripting XSS exists in NexusPHP version v1.5 via the q parameter to searchsuggest.php...

6.1CVSS5.5AI score0.0024EPSS

Exploits1References2

CVE•added 2017/08/10 6:0 p.m.•54 views

CVE-2017-12798

CVE-2017-12798 concerns a Cross-Site Scripting (XSS) vulnerability in NexusPHP version 1.5, exploitable via the q parameter to searchsuggest.php. The Red Hat, CNVD, NVD, and other connected records consistently describe a reflected/online XSS risk originating from unsanitized input in the q param...

6.1CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

Prion•added 2017/08/09 9:29 p.m.•14 views

Cross site scripting

Cross-Site Scripting XSS exists in NexusPHP version v1.5 via some parameter to usersearch.php...

4.3CVSS5.9AI score0.0024EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 2017/08/09 9:29 p.m.•2 views

CVE-2017-12777

Cross-Site Scripting XSS exists in NexusPHP version v1.5 via some parameter to usersearch.php...

6.1CVSS5.5AI score0.0024EPSS

Exploits0References3

CVE•added 2017/08/09 9:0 p.m.•47 views

CVE-2017-12777

CVE-2017-12777 is a confirmed Cross‑Site Scripting (XSS) vulnerability in NexusPHP v1.5. According to CNVD-2017-28416 and NVD details, a remote attacker can inject arbitrary web script or HTML by sending crafted parameters to the file usersearch.php, potentially affecting pages that render the vu...

6.1CVSS5.9AI score0.0024EPSS

Exploits0References2Affected Software1

CVE•added 2017/08/07 8:0 p.m.•52 views

CVE-2017-12655

NexusPHP 1.5 is affected by a Cross-Site Scripting (XSS) vulnerability in log.php, dailylog action, exploitable via the query parameter. The vulnerability allows injection of Web script/HTML and, per CVE data, has PII-impacting integrity (I) but no confidentiality or availability impacts reported...

6.1CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

CVE•added 2017/07/26 8:0 a.m.•50 views

CVE-2017-11651

CVE-2017-11651 affects NexusPHP V1.5 with a cross-site scripting (XSS) flaw. The issue arises from a vulnerability in the UBBCode url tag that accepts javascript: or data: URLs, allowing injection of arbitrary web script or HTML. Public references include CNVD-2017-26595 and NVD/NIST records. Exp...

6.1CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

CNVD•added 2017/07/02 12:0 a.m.•1 views

CSRF Vulnerability in NexusPHPV1.5 (Current Version)

NexusPHPV1.5 is a system for domestic pt stations. NexusPHPV1.5 the current version has a cross-site request forgery vulnerability, the vulnerability is due to cookie design flaws and failure to effectively limit the parameters submitted by the post. The vulnerability is caused by a cookie design...

6.9AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•48 views

NexusPHP 1.5 - SQL Injection

No description provided by source. Exploit Title: Nexusphp.v1.5 SQL injection Vulnerability Google Dork: intitle:nexusphp Date: 2011-10-08 Author: flyh4t Software Link: http://sourceforge.net/projects/nexusphp/ Version: nexusphp.v1.5 Tested on: linux+apache CVE : CVE-2011-4026 Nexusphp is...

7.5CVSS6.6AI score0.00343EPSS

Exploits6

Prion•added 2011/10/21 6:55 p.m.•11 views

Sql injection

SQL injection vulnerability in thanks.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS9AI score0.00343EPSS

Exploits6References3Affected Software1

exploitpack•added 2011/10/08 12:0 a.m.•23 views

NexusPHP 1.5 - SQL Injection

NexusPHP 1.5 - SQL Injection Exploit Title: Nexusphp.v1.5 SQL injection Vulnerability Google Dork: intitle:nexusphp Date: 2011-10-08 Author: flyh4t Software Link: http://sourceforge.net/projects/nexusphp/ Version: nexusphp.v1.5 Tested on: linux+apache CVE : CVE-2011-4026 Nexusphp is BitTorrent...

7.5CVSS0.3AI score0.00343EPSS

Exploits6

Exploit DB•added 2011/10/08 12:0 a.m.•35 views

NexusPHP 1.5 - SQL Injection

Exploit Title: Nexusphp.v1.5 SQL injection Vulnerability Google Dork: intitle:nexusphp Date: 2011-10-08 Author: flyh4t Software Link: http://sourceforge.net/projects/nexusphp/ Version: nexusphp.v1.5 Tested on: linux+apache CVE : CVE-2011-4026 Nexusphp is BitTorrent private tracker scripts written...

7.5CVSS6.6AI score0.00343EPSS

Exploits6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by