SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly earlier versions allows remote malicious users to execute arbitrary SQL commands via the pid parameter in a profile page (possibly profile.php).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netrisk netrisk 1.9.7 |