SQL injection vulnerability in index.php in NetRisk 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netrisk netrisk 1.9.7 |
||
netrisk netrisk |