NexusPHP SQL Injection Vulnerability (CNVD-2023-05400)

NexusPHP is a free and open source complete PT site building solution. versions prior to NexusPHP 1.7.33 have a security vulnerability that could be exploited by attackers to allow remote attackers to execute arbitrary SQL commands via the conuser parameter in takeconfirm.php...

CVE-2022-46887

Multiple SQL injection vulnerabilities in NexusPHP before 1.7.33 allow remote attackers to execute arbitrary SQL commands via the conuser parameter in takeconfirm.php; the delcheater parameter in cheaterbox.php; or the usernw parameter in nowarn.php...

Sql injection

Multiple SQL injection vulnerabilities in NexusPHP before 1.7.33 allow remote attackers to execute arbitrary SQL commands via the conuser parameter in takeconfirm.php; the delcheater parameter in cheaterbox.php; or the usernw parameter in nowarn.php...

Sql injection

SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the classes parameter...

CVE-2020-24769

SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the classes parameter...

CVE-2017-12908

SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter...

Sql injection

SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter...

CVE-2017-12908

SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter...

CVE-2017-12908

NexusPHP 1.5 is affected by a SQL injection in takeconfirm.php via the conusr parameter. The root cause is an unsafe handling of input that allows remote attackers to execute arbitrary SQL commands. The CVE description and multiple connected sources confirm this vulnerability; however, the provid...