Nukescripts : Security Vulnerabilities, CVEs, (Sql injection)

CVE-2007-5151

SQL injection vulnerability in the abget_admin function in includes/nukesentinel.php in NukeSentinel 2.5.12 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie.
Max CVSS
7.5
EPSS Score
0.30%
Published
2007-10-01
Updated
2018-10-15

CVE-2007-5150

SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie, a different vector than CVE-2007-5125.
Max CVSS
7.5
EPSS Score
0.30%
Published
2007-10-01
Updated
2018-10-15

CVE-2007-1172

SQL injection vulnerability in nukesentinel.php in NukeSentinel 2.5.05, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, aka the "File Disclosure Exploit."
Max CVSS
6.4
EPSS Score
0.80%
Published
2007-03-02
Updated
2018-10-16

CVE-2007-1171

SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions before 2.5.12 allows remote attackers to execute arbitrary SQL commands via an admin cookie.
Max CVSS
7.5
EPSS Score
1.30%
Published
2007-03-02
Updated
2018-10-16
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close