Vulnerabilities > Netref

DATE	CVE	VULNERABILITY TITLE	RISK
2008-12-15	CVE-2008-5561	SQL Injection vulnerability in Netref 4.0 SQL injection vulnerability in Netref 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) fiche_product.php and (2) presentation.php. network low complexity netref CWE-89	7.5
2006-10-31	CVE-2006-5618	Directory Traversal vulnerability in Netref 4 Directory traversal vulnerability in script/cat_for_aff.php in Netref 4 allows remote attackers to read arbitrary files via a .. network low complexity netref	5.0
2005-12-13	CVE-2005-4198	SQL Injection vulnerability in Netref 3.0 SQL injection vulnerability in index.php in Netref 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. network low complexity netref CWE-89	7.5
2005-05-02	CVE-2005-1222	Remote Security vulnerability in Netref 4.2 cat_for_gen.php in Annuaire Netref 4.2 allows remote attackers to execute arbitrary PHP code by setting the ad_direct parameter to reference cat_for_gen.php, then including the code in the m_for_racine parameter, which is then written to cat_for_gen.php. network low complexity netref	7.5

Vulnerabilities > Netref {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Netref"}]}