NexusPHP 'usernw' Parameter SQL Injection Vulnerability
NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A SQL injection vulnerability exists in NexusPHP version 1.5.beta5.20120707. A remote attacker can exploit this vulnerability by sending the 'usernw' parameter to the nowarn.php file to execute...