NexusPHP reports.php file SQL injection vulnerability
NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A SQL injection vulnerability exists in the reports.php file in NexusPHP version 1.5. A remote attack can exploit this vulnerability to execute arbitrary SQL commands with the 'delreport'...