Nexusphp · Nexusphp · CVE-2017-12981
**Name of the Vulnerable Software and Affected Versions**
NexusPHP version 1.5.beta5.20120707
**Description**
The issue concerns a SQL Injection in the forummanage.php file via the `sort` parameter in an addforum action.
**Recommendations**
For NexusPHP version 1.5.beta5.20120707, avoid using the `sort` parameter in the addforum action until the issue is resolved. As a temporary workaround, consider restricting access to the forummanage.php file to minimize the risk of exploitation.