Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netrisk netrisk 1.9.7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4887
SQL injection vulnerability in index.php in NetRisk 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third ...
Netrisk Netrisk 1.9.7
Netrisk Netrisk
1 EDB exploit
NA
CVE-2008-4888
Cross-site scripting (XSS) vulnerability in error.php in NetRisk 2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the error parameter to index.php. NOTE: some of these details are obtained from third party information.
Netrisk Netrisk 1.9.7
Netrisk Netrisk
1 EDB exploit
NA
CVE-2008-0185
SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly earlier versions allows remote malicious users to execute arbitrary SQL commands via the pid parameter in a profile page (possibly profile.php).
Netrisk Netrisk 1.9.7
1 EDB exploit
NA
CVE-2008-7155
NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote malicious users to change the password of arbitrary users via a direct request.
Phprisk Netrisk 1.9.7
1 EDB exploit
NA
CVE-2008-0144
PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences.
Phprisk Netrisk 1.9.7
1 EDB exploit
NA
CVE-2008-0186
Cross-site scripting (XSS) vulnerability in index.php in NetRisk 1.9.7 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the page parameter, possibly related to CVE-2008-0144.
Phprisk Netrisk
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started