VYPR
Unrated severityNVD Advisory· Published Mar 23, 2007· Updated Jun 16, 2026

CVE-2007-1635

CVE-2007-1635

Description

Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a "ConfigSave" op to admin.php, which can later be accessed via a "Configure" op to admin.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:net_portal_dynamic_system:net_portal_dynamic_system:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:net_portal_dynamic_system:net_portal_dynamic_system:*:*:*:*:*:*:*:*range: <=5.10
    • (no CPE)range: <=5.10

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.