CVE-2008-0186

Phprisk Netrisk < 1.9.7 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in index.php in NetRisk 1.9.7 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to CVE-2008-0144.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Virangar Security · textwebappsphp
https://www.exploit-db.com/exploits/4852

References (4)

Scores

EPSS 0.0348
EPSS Percentile 87.4%

Classification

CWE
CWE-79
Status draft

Affected Products (1)

phprisk/netrisk < 1.9.7

Timeline

Published Jan 09, 2008
Tracked Since Feb 18, 2026