CVE-2007-1635 Information
Feb 14, 2021
cve
Description
Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a \ConfigSave\ op to admin.php which can later be accessed via a \Configure\ op to admin.php.
Reference
http://osvdb.org/34303 http://secunia.com/advisories/24571 http://securityreason.com/securityalert/2473 http://www.securityfocus.com/archive/1/463176/100/0/threaded
Share on: