Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nukescripts nukesentinel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1493
nukesentinel.php in NukeSentinel 2.5.06 and previous versions uses a permissive regular expression to validate an IP address, which allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, due to an incomplete patch for CVE-2007-1172.
Nukescripts Nukesentinel
2 EDB exploits
NA
CVE-2007-1171
SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions prior to 2.5.12 allows remote malicious users to execute arbitrary SQL commands via an admin cookie.
Nukescripts Nukesentinel
1 EDB exploit
NA
CVE-2007-1494
Cross-site scripting (XSS) vulnerability in NukeSentinel prior to 2.5.06 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to the "filters for https:// and http://".
Nukescripts Nukesentinel
NA
CVE-2007-5150
SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote malicious users to execute arbitrary SQL commands via base64-encoded data in an admin cookie, a different vector than CVE-2007-5125.
Nukescripts Nukesentinel 2.5.11
NA
CVE-2007-5151
SQL injection vulnerability in the abget_admin function in includes/nukesentinel.php in NukeSentinel 2.5.12 allows remote malicious users to execute arbitrary SQL commands via base64-encoded data in an admin cookie.
Nukescripts Nukesentinel 2.5.12
NA
CVE-2007-1172
SQL injection vulnerability in nukesentinel.php in NukeSentinel 2.5.05, and possibly earlier, allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, aka the "File Disclosure Exploit."
Nukescripts Nukesentinel 2.5.05
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started