CVE-2007-1172

NukeSentinel <2.5.05 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in nukesentinel.php in NukeSentinel 2.5.05, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, aka the "File Disclosure Exploit."

Exploits (1)

exploitdb WORKING POC VERIFIED
by DarkFig · phpwebappsphp
https://www.exploit-db.com/exploits/3338

References (5)

Scores

EPSS 0.0069
EPSS Percentile 71.5%

Classification

Status draft

Affected Products (1)

nukescripts/nukesentinel

Timeline

Published Mar 02, 2007
Tracked Since Feb 18, 2026