CVE-2008-7155
NetRisk 1.9.7 is reported to misrestrict access to admin/change_submit.php, enabling remote attackers to change arbitrary user passwords via a direct request. This is documented in CVE-2008-7155 with a CVSS v2 base score of 7.5 (HIGH) and network attack vector. OpenVAS entries refer to a NetRisk ...