Vulnerabilities > CVE-2006-7193 - Unspecified vulnerability in Smarty 2.6.1

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

smarty

NVD

Published: 2007-04-12

Updated: 2024-04-11

Summary

PHP remote file inclusion vulnerability in unit_test/test_cases.php in Smarty 2.6.1 allows remote attackers to execute arbitrary PHP code via a URL in the SMARTY_DIR parameter. NOTE: this issue is disputed by CVE and a third party because SMARTY_DIR is a constant

Vulnerable Configurations

Part	Description	Count
Application	Smarty Smarty Smarty 2.6.1	1

References

http://marc.info/?l=bugtraq&m=116163668213491&w=2
http://marc.info/?l=bugtraq&m=116170769322920&w=2
http://osvdb.org/31096
https://exchange.xforce.ibmcloud.com/vulnerabilities/29739