CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

seebug.org•added 2014/07/01 12:0 a.m.•20 views

NukeSentinel <= 2.5.06 (MySQL => 4.0.24) - Remote SQL Injection Exploit

No description provided by source. !/usr/bin/php ?php errorreportingEALL ^ ENOTICE; if$argc 3 print -- NukeSentinel = 2.5.06 SQL Injection mysql = 4.0.24 Exploit --- ----------------------------------------------------------------------- PHP conditions: none CMS conditions: disableswitch=0 module...

7.1AI score

securityvulns•added 2007/10/28 12:0 a.m.•29 views

Local File Inclusion and Information Leakage vulnerabilities in PHP-Nuke

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Local File Inclusion и Information Leakage уязвимостях в PHP-Nuke. Уязвимости в скриптах autohtml.php и autohtml0.php в параметре filename. Local File Inclusion: http://site/autohtml.php?filename=../file.php...

7.1AI score

NVD•added 2007/10/01 5:17 a.m.•15 views

CVE-2007-5150

SQL injection vulnerability in the isgod function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie, a different vector than CVE-2007-5125...

7.5CVSS8.2AI score0.00596EPSS

Prion•added 2007/10/01 5:17 a.m.•13 views

Sql injection

7.5CVSS8.7AI score0.00596EPSS

NVD•added 2007/10/01 5:17 a.m.•15 views

CVE-2007-5151

SQL injection vulnerability in the abgetadmin function in includes/nukesentinel.php in NukeSentinel 2.5.12 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie...

7.5CVSS8.3AI score0.00596EPSS

Prion•added 2007/10/01 5:17 a.m.•16 views

Sql injection

7.5CVSS9.1AI score0.00596EPSS

Cvelist•added 2007/10/01 12:0 a.m.•17 views

CVE-2007-5150

8.2AI score0.00596EPSS

Cvelist•added 2007/10/01 12:0 a.m.•15 views

CVE-2007-5151

8.3AI score0.00596EPSS

CVE•added 2007/10/01 12:0 a.m.•42 views

CVE-2007-5151

CVE-2007-5151 affects NukeSentinel 2.5.12: the abget_admin function in includes/nukesentinel.php is vulnerable to SQL injection via base64-encoded data in an admin cookie, allowing remote SQL execution. Documentation shows the vulnerability but provides no patch details in the connected sources; ...

7.5CVSS8.4AI score0.00596EPSS

CVE•added 2007/10/01 12:0 a.m.•54 views

CVE-2007-5150

CVE-2007-5150 describes an SQL injection in the is_god function of includes/nukesentinel.php in NukeSentinel 2.5.11, allowing remote attackers to inject SQL via base64-encoded data in an admin cookie (distinct from CVE-2007-5125). The available documents specify the vulnerable component and trigg...

7.5CVSS8.2AI score0.00596EPSS

securityvulns•added 2007/09/28 12:0 a.m.•56 views

[waraxe-2007-SA#058] - Critical Sql Injection in NukeSentinel 2.5.12

waraxe-2007-SA058 - Critical Sql Injection in NukeSentinel 2.5.12 ==================================================================== Author: Janek Vind "waraxe" Date: 27. September 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-58.html Target software description: Developer:...

8.2AI score

securityvulns•added 2007/09/27 12:0 a.m.•52 views

[waraxe-2007-SA#056] - Another Sql Injection in NukeSentinel 2.5.11

waraxe-2007-SA056 - Another Sql Injection in NukeSentinel 2.5.11 ==================================================================== Author: Janek Vind "waraxe" Date: 27. September 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-56.html Target software description: Developer:...

securityvulns•added 2007/09/26 12:0 a.m.•50 views

[waraxe-2007-SA#053] - Critical Sql Injection in NukeSentinel 2.5.11

waraxe-2007-SA053 - Critical Sql Injection in NukeSentinel 2.5.11 ==================================================================== Author: Janek Vind "waraxe" Date: 25. September 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-53.html Target software description:...

8.1AI score