2 matches found
CVE-2007-2537
Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 and earlier allow remote authenticated users to execute arbitrary SQL commands via a 1 nickname or 2 Id in a cookie, or 3 the X-Forwarded-For XFORWARDEDFOR HTTP header...
CVE-2007-2537
The CVE-2007-2537 entry describes SQL injection vulnerabilities in NPDS 5.10 and earlier, exploitable through (1) a cookie containing nickname or Id, or (2) X-Forwarded-For header. The underlying issue is injection in mainfile.php allowing remote authenticated users to execute arbitrary SQL comma...