Vulnerabilities > Nexusphp

DATE CVE VULNERABILITY TITLE RISK
2017-08-24 CVE-2017-13669 SQL Injection vulnerability in Nexusphp 1.5
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
network
low complexity
nexusphp CWE-89
critical
9.8
2017-08-24 CVE-2017-12679 SQL Injection vulnerability in Nexusphp 1.5
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
network
low complexity
nexusphp CWE-89
critical
9.8
2017-08-21 CVE-2017-12981 SQL Injection vulnerability in Nexusphp 1.5
NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an addforum action.
network
low complexity
nexusphp CWE-89
critical
9.8
2017-07-26 CVE-2017-11651 Cross-site Scripting vulnerability in Nexusphp 1.5
NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url tag.
network
low complexity
nexusphp CWE-79
6.1