CVE-2007-1634

CVE-2007-1634 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Variable extraction vulnerability in grab_globals.php in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the _FILES[DB][tmp_name] parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.