Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phprisk netrisk 1.9.7 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-0144
PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences.
Phprisk Netrisk 1.9.7
1 EDB exploit
7.5
CVSSv2
CVE-2008-7155
NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote malicious users to change the password of arbitrary users via a direct request.
Phprisk Netrisk 1.9.7
1 EDB exploit
4.3
CVSSv2
CVE-2008-0186
Cross-site scripting (XSS) vulnerability in index.php in NetRisk 1.9.7 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the page parameter, possibly related to CVE-2008-0144.
Phprisk Netrisk
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started