Minhaizhao

**Name of the Vulnerable Software and Affected Versions** NexusPHP version 1.5.beta5.20120707 **Description** The issue concerns a SQL Injection in the forummanage.php file via the `sort` parameter in an addforum action. **Recommendations** For NexusPHP version 1.5.beta5.20120707, avoid using the `sort` parameter in the addforum action until the issue is resolved. As a temporary workaround, consider restricting access to the forummanage.php file to minimize the risk of exploitation.