Unrated severityNVD Advisory· Published Mar 23, 2007· Updated Jun 16, 2026
CVE-2007-1635
CVE-2007-1635
Description
Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a "ConfigSave" op to admin.php, which can later be accessed via a "Configure" op to admin.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:net_portal_dynamic_system:net_portal_dynamic_system:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:net_portal_dynamic_system:net_portal_dynamic_system:*:*:*:*:*:*:*:*range: <=5.10
- (no CPE)range: <=5.10
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.