Nexusphp

CVEs (7)

CVE	Sev	Risk	CVSS	Published	Description
CVE-2017-14076	Cri	0.64	9.8	Aug 31, 2017	SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id parameter to linksmanage.php in an editlink action.
CVE-2017-14069	Cri	0.64	9.8	Aug 31, 2017	SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the usernw array parameter to nowarn.php.
CVE-2017-13669	Cri	0.64	9.8	Aug 24, 2017	SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
CVE-2017-12679	Cri	0.64	9.8	Aug 24, 2017	SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
CVE-2017-12981	Cri	0.64	9.8	Aug 21, 2017	NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an addforum action.
CVE-2017-14070	Med	0.40	6.1	Aug 31, 2017	Cross Site Scripting (XSS) exists in NexusPHP 1.5.beta5.20120707 via the PATH_INFO to ipsearch.php, related to PHP_SELF.
CVE-2017-11651	Med	0.40	6.1	Jul 26, 2017	NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url tag.

CVE-2017-14076CriAug 31, 2017
risk 0.64cvss 9.8epss 0.00
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id parameter to linksmanage.php in an editlink action.
CVE-2017-14069CriAug 31, 2017
risk 0.64cvss 9.8epss 0.00
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the usernw array parameter to nowarn.php.
CVE-2017-13669CriAug 24, 2017
risk 0.64cvss 9.8epss 0.00
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
CVE-2017-12679CriAug 24, 2017
risk 0.64cvss 9.8epss 0.00
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
CVE-2017-12981CriAug 21, 2017
risk 0.64cvss 9.8epss 0.00
NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an addforum action.
CVE-2017-14070MedAug 31, 2017
risk 0.40cvss 6.1epss 0.00
Cross Site Scripting (XSS) exists in NexusPHP 1.5.beta5.20120707 via the PATH_INFO to ipsearch.php, related to PHP_SELF.
CVE-2017-11651MedJul 26, 2017
risk 0.40cvss 6.1epss 0.00
NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url tag.