CVE-2007-1493

NukeSentinel <2.5.06 - SQL Injection

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-1493. PoCs published by DarkFig.

Description

nukesentinel.php in NukeSentinel 2.5.06 and earlier uses a permissive regular expression to validate an IP address, which allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, due to an incomplete patch for CVE-2007-1172.

Exploits (2)

exploitdb WORKING POC VERIFIED
by DarkFig · php · webapps · php
https://www.exploit-db.com/exploits/3450

This exploit targets a SQL injection vulnerability in NukeSentinel <= 2.5.06 by manipulating the 'Client-IP' header to extract admin credentials via time-based blind SQLi. It uses a benchmark-based delay to infer character values from the database.

Classification: Working PoC 95%
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: NukeSentinel <= 2.5.06
No auth needed
Prerequisites: MySQL >= 4.0.24 · NukeSentinel module activated with track_active=1 and disable_switch<=0
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by DarkFig · php · webapps · php
https://www.exploit-db.com/exploits/3338

This exploit leverages a SQL injection vulnerability in NukeSentinel 2.5.05 to perform file disclosure. It manipulates the 'Client-IP' header to inject malicious SQL queries, ultimately reading arbitrary files from the server.

Classification: Working PoC 95%
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: NukeSentinel 2.5.05
No auth needed
Prerequisites: Target must have NukeSentinel 2.5.05 installed · Module must be activated (disable_switch<=0)
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit mailing-list x_refsource_vim
http://attrition.org/pipermail/vim/2007-March/001429.html
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2430
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/462453/100/0/threaded

Scores

EPSS: 0.0321
EPSS Percentile: 86.5%

Details

Status: published
Products (1): nukescripts/nukesentinel < 2.5.06
Published: Mar 16, 2007
Tracked Since: Feb 18, 2026