CVE-2007-1634 Information
Feb 14, 2021
cve
Description
Variable extraction vulnerability in grab_globals.php in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the _FILES[DB][tmp_name] parameter to print.php which overwrites the $DB variable with dynamic variable evaluation.
Reference
http://secunia.com/advisories/24571 http://securityreason.com/securityalert/2473 http://www.attrition.org/pipermail/vim/2007-March/001460.html http://www.securityfocus.com/archive/1/463176/100/0/threaded
Share on: