CVE-2007-1172

Name of the Vulnerable Software and Affected Versions NukeSentinel versions 2.5.05 and earlier

Description The issue allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header. This can lead to unauthorized access and manipulation of sensitive data.

Recommendations For versions 2.5.05 and earlier, consider restricting access to the nukesentinel.php file until a patch is available. As a temporary workaround, avoid using the Client-IP HTTP header in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.