Ravens PHP Scripts: Security



 

 

PHP-Nuke Bug - SQL Injection

Posted on Sunday, April 10, 2005 @ 23:31:22 CDT in Security
by Raven

Read this post for details. NukeSentinel™ is named for not stopping this attack when it absolutely does, 100% of the time, if you have the Union blocker on. I have replied to the thread as follows:

[snip]Of course, mysql version 4.x must be used with enabled union functionality. And if there are Sentinel or similar protection systems installed, additional measures must be used to evade them.[/snip]

You are mistaken. If NukeSentinel is installed and active, it blocks them 100% of the time. This exploit is nothing more than a variation on a theme. It's another in a long line of UNION exploits which NukeSentinel has been blocking since day one.

Note: 
There are actually 2 more "new" exploits listed - All pertaining to nuke 7.6:
http://www.securityfocus.com/bid/13061
http://www.securityfocus.com/bid/13055

If you have Chatserv's patches installed and NukeSentinel(tm) - Sleep well tonight!
 

 

Have Your Reviews Been Bronzed?

Posted on Tuesday, March 22, 2005 @ 10:27:22 CST in Security
by Raven

Well, it's not really a security issue per se, but it can wreak havoc in your reviews section. Check your comments section of your reviews. You are likely to see a bunch of garbage similar to " bronzebronze agebronze starthe bronzebronze sculpturebronze castingbronze statuesbronze statuethe bronze agebronze bowphosphor bronzebronze sculpturesbronze medalbronze medallionbronze horsemanthe bronze bowcast bronzechinese bronzemonitor audio bronzebronze betabronze plaquesg3 bronzealuminum bronzeoil rubbed bronzebronze" (and it goes on and on). Each of these words is a hyperlink. Probably advertising because there are other comments too, like for credit card stuff. Basically, imo, you have a couple of choices. See I've been bronzed for more information.
 

 

More PayPal Fraud

Posted on Monday, March 14, 2005 @ 10:45:44 CST in Security
by Raven

Nukeum66 writes:  
I have in the past few weeks received a number of these emails. If you receive any mail that seems a bit odd regarding your PayPal account, please forward the email to spoof at paypal dot com. The following is a copy of the latest spoofed email I received.
 

 
southern writes:  
SecurityTracker Alert ID: 1013362
SecurityTracker URL: http://securitytracker.com/id?1013362
CVE Reference: GENERIC-MAP-NOMATCH
Date: Mar 3 2005
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information
 

 

Host.Deny SQL file V0.2 Released (NON SOURCEFORGE RELEASE)

Posted on Thursday, March 03, 2005 @ 22:56:24 CST in Security
by Raven

fisicouk writes:  
This file will enable all of the IPs in Host.Deny 2.4C, as well as 6100 other IPs kindly provided by Gerard from Dancemusic4u.com, to be added to your Nuke Banned IP List.


NOTES: This will overwrite any data in your Nuke Blocked_Ip table.
ONLY SOME support will be offered for this, as it is only part of a future MOD (Host.Deny Auto Execute File).

This file will need to be split into chunks to be read by phpMyAdmin without crashing.

This file has been tested and does work, so I do now offer some support on this file.

DOWNLOAD Here

LLOYD

The point in this???? Stop hackers. A Sentinel version will be done soon.....
 

 

CRITICAL UPDATE - phpBB 2.0.13 Security Patch!

Posted on Monday, February 28, 2005 @ 00:31:32 CST in Security
by Raven

64bitguy writes:  
As everyone is now aware, there have been a couple of security exploits recently discovered. Unfortunately, those exploits also exist in phpBB 2.0.12.

These two changes are very easy to employ and normally I would post the code, but due to the serious nature of these exploits, I will simply point you to the phpbb forum.

I urge everyone to visit the phpbb forums and read the phpBB Urgent Security Update Post and implement these two changes!

Steph Benoit
http://64bit.us

Note: 
BBtoNuke 2.0.13 also available here.
 


