Описание
SQL injection vulnerability in index.php in NetRisk 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third party information.
SQL injection vulnerability in index.php in NetRisk 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third party information.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-4887
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46263
- https://www.exploit-db.com/exploits/6957
- http://osvdb.org/49498
- http://secunia.com/advisories/32484
- http://securityreason.com/securityalert/4544
- http://www.securityfocus.com/bid/32051
- http://www.vupen.com/english/advisories/2008/2977
Связанные уязвимости
SQL injection vulnerability in index.php in NetRisk 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third party information.