13 matches found
EUVD-2008-0197
Malware in sbrugna...
Server side request forgery (ssrf)
NetRisk 1.9.7 does not properly restrict access to admin/changesubmit.php, which allows remote attackers to change the password of arbitrary users via a direct request...
CVE-2008-7155
NetRisk 1.9.7 does not properly restrict access to admin/changesubmit.php, which allows remote attackers to change the password of arbitrary users via a direct request...
CVE-2008-7155
NetRisk 1.9.7 does not properly restrict access to admin/changesubmit.php, which allows remote attackers to change the password of arbitrary users via a direct request...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in NetRisk 1.9.7 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to CVE-2008-0144...
CVE-2008-0186
CVE-2008-0186 is an XSS vulnerability in NetRisk 1.9.7 (and possibly earlier) affecting index.php. The issue allows remote attackers to inject arbitrary web script or HTML through the page parameter. The affected product is NetRisk; root cause is reflected/scriptable input via the page parameter ...
Directory traversal
PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences...
CVE-2008-0144
PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences...
CVE-2008-0144
NetRisk 1.9.7 and earlier is affected by CVE-2008-0144: a PHP remote file inclusion in index.php via the page parameter can lead to arbitrary PHP code execution. The vulnerability can also be leveraged for local file inclusion through directory traversal sequences. This is a remote exploit over t...
NetRisk 1.9.7 - Cross-Site Scripting SQL Injection
NetRisk 1.9.7 - Cross-Site Scripting SQL Injection ...:::::netrisk 1.9.7 Multiple Remote Vulnerabilities::::.... sql injection/xss Virangar Security Team www.virangar.org www.virangar.net -------- Discoverd By : virangar security team hadihadi --------------------------------- special tnx...
NetRisk 1.9.7 - Remote Password Change
!/usr/bin/perl ========================================================================================================================= | | / | | | | | | | / / / || \ '| / | ' / - | / \ V V / - ' \ / - || | \/,|/| /| |||||///|./ |,|...
NetRisk 1.9.7 (change_submit.php) Remote Password Change Exploit
Exploit for unknown platform in category web applications ================================================================ NetRisk 1.9.7 changesubmit.php Remote Password Change Exploit ================================================================ !/usr/bin/perl...
NetRisk 1.9.7 - Local/Remote File Inclusion
NetRisk = 1.9.7 Remote/Local File Inclusion Vulnerability AUTHOR : S.W.A.T. HOME : http://svvat.ir Download : http://phprisk.org/netrisk1.9.7.zip DorKs : inurl:index.php?page=gamebrowser EXPLOIT : http://server.com/Path/index.php?page=SHELL http://server.com/Path/index.php?page=-LFI- GREETZ :...