CVE-2022-46887
Description
Multiple SQL injection vulnerabilities in NexusPHP before 1.7.33 allow remote attackers to execute arbitrary SQL commands via the conuser[] parameter in takeconfirm.php; the delcheater parameter in cheaterbox.php; or the usernw parameter in nowarn.php.
References
ExploitThird Party Advisory
Release NotesThird Party Advisory
CvssV3 impact
Could not find any metrics
CvssV2 impact
Could not find any metrics