CVE-2007-2537

Summary

Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 and earlier allow remote authenticated users to execute arbitrary SQL commands via a (1) nickname or (2) Id in a cookie, or (3) the X-Forwarded-For (X_FORWARDED_FOR) HTTP header.

Affected Software

VendorProductVersion RangeStatus
n/an/an/aaffected

Weaknesses

  • n/a

ADP Enrichment

CVE Program Container

Additional References

References