Vulnerabilities > CVE-2007-1172 - SQL-Injection vulnerability in Nukescripts Nukesentinel 2.5.05
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
SQL injection vulnerability in nukesentinel.php in NukeSentinel 2.5.05, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, aka the "File Disclosure Exploit."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | NukeSentinel 2.5.05 (nukesentinel.php) File Disclosure Exploit. CVE-2007-1172,CVE-2007-1493. Webapps exploit for php platform |
file | exploits/php/webapps/3338.php |
id | EDB-ID:3338 |
last seen | 2016-01-31 |
modified | 2007-02-20 |
platform | php |
port | |
published | 2007-02-20 |
reporter | DarkFig |
source | https://www.exploit-db.com/download/3338/ |
title | NukeSentinel 2.5.05 - nukesentinel.php File Disclosure Exploit |
type | webapps |