Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nukescripts nukesentinel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1493
nukesentinel.php in NukeSentinel 2.5.06 and previous versions uses a permissive regular expression to validate an IP address, which allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, due to an incomplete patch for CVE-2007-1172.
Nukescripts Nukesentinel
2 EDB exploits
NA
CVE-2007-1494
Cross-site scripting (XSS) vulnerability in NukeSentinel prior to 2.5.06 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to the "filters for https:// and http://".
Nukescripts Nukesentinel
NA
CVE-2007-1171
SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions prior to 2.5.12 allows remote malicious users to execute arbitrary SQL commands via an admin cookie.
Nukescripts Nukesentinel
1 EDB exploit
NA
CVE-2007-5150
SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote malicious users to execute arbitrary SQL commands via base64-encoded data in an admin cookie, a different vector than CVE-2007-5125.
Nukescripts Nukesentinel 2.5.11
NA
CVE-2007-5151
SQL injection vulnerability in the abget_admin function in includes/nukesentinel.php in NukeSentinel 2.5.12 allows remote malicious users to execute arbitrary SQL commands via base64-encoded data in an admin cookie.
Nukescripts Nukesentinel 2.5.12
NA
CVE-2007-1172
SQL injection vulnerability in nukesentinel.php in NukeSentinel 2.5.05, and possibly earlier, allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, aka the "File Disclosure Exploit."
Nukescripts Nukesentinel 2.5.05
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started