Vulnerabilities > Nexusphp Project > Nexusphp > High

DATE CVE VULNERABILITY TITLE RISK
2017-09-17 CVE-2017-14512 SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5
NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an editforum action, a different vulnerability than CVE-2017-12981.
network
low complexity
nexusphp-project CWE-89
7.5
7.5
2017-08-18 CVE-2017-12776 SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5
SQL injection vulnerability in reports.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the delreport parameter.
network
low complexity
nexusphp-project CWE-89
7.5
7.5
2017-08-17 CVE-2017-12910 SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5
SQL injection vulnerability in massmail.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the or parameter.
network
low complexity
nexusphp-project CWE-89
7.5
7.5
2017-08-17 CVE-2017-12909 SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5
SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter.
network
low complexity
nexusphp-project CWE-89
7.5
7.5
2017-08-17 CVE-2017-12908 SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5
SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter.
network
low complexity
nexusphp-project CWE-89
7.5
7.5