Nukesentinel@* Security Vulnerabilities and Issues — Nukesentinel@* CVE List

Lucene search

NukescriptsNukesentinel*

3 matches found

CVE•added 2007/03/16 10:19 p.m.•48 views

CVE-2007-1493

nukesentinel.php in NukeSentinel 2.5.06 and earlier uses a permissive regular expression to validate an IP address, which allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, due to an incomplete patch for CVE-2007-1172.

7.5CVSS8AI score0.02924EPSS

CVE•added 2007/03/16 10:19 p.m.•43 views

CVE-2007-1494

Cross-site scripting (XSS) vulnerability in NukeSentinel before 2.5.06 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the "filters for https:// and http://".

6.8CVSS5.7AI score0.00433EPSS

CVE•added 2007/03/02 9:18 p.m.•38 views

CVE-2007-1171

SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions before 2.5.12 allows remote attackers to execute arbitrary SQL commands via an admin cookie.

7.5CVSS8.3AI score0.03591EPSS