Variable extraction vulnerability in grab_globals.php in Net Portal Dynamic System (NPDS) 5.10 and previous versions allows remote malicious users to conduct SQL injection attacks via the _FILES[DB][tmp_name] parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
net portal dynamic system net portal dynamic system |