Nexusphp Security Vulnerabilities and Issues — Nexusphp CVE List

Lucene search

Nexusphp ProjectNexusphp

2 matches found

CVE•added 2017/10/03 1:29 a.m.•38 views

CVE-2017-12792

Multiple cross-site request forgery (CSRF) vulnerabilities in NexusPHP 1.5 allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) linkname, (2) url, or (3) title parameter in an add action to linksmanage.php.

6.1CVSS6.5AI score0.01533EPSS

CVE•added 2017/10/15 3:29 a.m.•38 views

CVE-2017-15305

XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php.

6.1CVSS5.9AI score0.00235EPSS