|
|
CVE Reference: CVE-2007-1634 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-1634 |
|
|
Description: Variable extraction vulnerability in grab_globals.php in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the _FILES[DB][tmp_name] parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation. |
|
|
CVE Status: Candidate |
|
|
References: VIM http://www.attrition.org/pipermail/vim/2007-March/001460.html SREASON http://securityreason.com/securityalert/2473 SAID Secunia Advisory: SA24571 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/463176/100/0/threaded |
|
| Return to the previous page. |
