Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nukescripts nukesentinel vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-1171
SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions prior to 2.5.12 allows remote malicious users to execute arbitrary SQL commands via an admin cookie.
Nukescripts Nukesentinel
1 EDB exploit
760
VMScore
CVE-2007-1493
nukesentinel.php in NukeSentinel 2.5.06 and previous versions uses a permissive regular expression to validate an IP address, which allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, due to an incomplete patch for CVE-2007-1172.
Nukescripts Nukesentinel
2 EDB exploits
605
VMScore
CVE-2007-1494
Cross-site scripting (XSS) vulnerability in NukeSentinel prior to 2.5.06 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to the "filters for https:// and http://".
Nukescripts Nukesentinel
645
VMScore
CVE-2007-1172
SQL injection vulnerability in nukesentinel.php in NukeSentinel 2.5.05, and possibly earlier, allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, aka the "File Disclosure Exploit."
Nukescripts Nukesentinel 2.5.05
1 EDB exploit
668
VMScore
CVE-2007-5150
SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote malicious users to execute arbitrary SQL commands via base64-encoded data in an admin cookie, a different vector than CVE-2007-5125.
Nukescripts Nukesentinel 2.5.11
668
VMScore
CVE-2007-5151
SQL injection vulnerability in the abget_admin function in includes/nukesentinel.php in NukeSentinel 2.5.12 allows remote malicious users to execute arbitrary SQL commands via base64-encoded data in an admin cookie.
Nukescripts Nukesentinel 2.5.12
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started