Net Portal Dynamic System CVE-2007-1634 SQL-Injection Vulnerability

Net Portal Dynamic System CVE-2007-1634 SQL-Injection Vulnerability

Net Portal Dynamic System is prone to a sql-injection vulnerability. Variable extraction vulnerability in grab_globals.php in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the _FILES[DB][tmp_name] parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation.