Vulnerabilities > Nexusphp Project > Nexusphp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-17 | CVE-2017-12909 | SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5 SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter. | 7.5 |
| 2017-08-17 | CVE-2017-12908 | SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5 SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter. | 7.5 |
| 2017-08-17 | CVE-2017-12907 | Cross-site Scripting vulnerability in Nexusphp Project Nexusphp 1.5 Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the url path to usersearch.php. | 4.3 |
| 2017-08-10 | CVE-2017-12798 | Cross-site Scripting vulnerability in Nexusphp Project Nexusphp 1.5 Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the q parameter to searchsuggest.php. | 4.3 |
| 2017-08-09 | CVE-2017-12777 | Cross-site Scripting vulnerability in Nexusphp Project Nexusphp 1.5 Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via some parameter to usersearch.php. | 4.3 |
| 2017-08-07 | CVE-2017-12655 | Cross-site Scripting vulnerability in Nexusphp Project Nexusphp 1.5 Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the query parameter to log.php in a dailylog action. | 4.3 |