PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original disclosure, filename is used in a function definition, so this report is probably incorrect
References
Configurations
History
07 Nov 2023, 01:59
Type | Values Removed | Values Added |
---|---|---|
Summary | PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original disclosure, filename is used in a function definition, so this report is probably incorrect |
Information
Published : 2007-03-03 21:19
Updated : 2024-08-07 21:15
NVD link : CVE-2006-7105
Mitre link : CVE-2006-7105
CVE.ORG link : CVE-2006-7105
JSON object : View
Products Affected
smarty
- smarty
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')