CVE

Id
23209  
CVE No.
CVE-2006-7105  
Status
Candidate  
Description
** DISPUTED ** PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original disclosure, filename is used in a function definition, so this report is probably incorrect.  
Phase
Assigned (20070303)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
223524 23209 CVE-2006-7105 FULLDISC:20061014 Re: Vuln  View
223525 23209 CVE-2006-7105 URL:http://www.security-express.com/archives/fulldisclosure/2006-10/0299.html  View
223526 23209 CVE-2006-7105 FULLDISC:20061014 Vuln  View
223527 23209 CVE-2006-7105 URL:http://www.security-express.com/archives/fulldisclosure/2006-10/0292.html  View
223528 23209 CVE-2006-7105 BID:20557  View
223529 23209 CVE-2006-7105 URL:http://www.securityfocus.com/bid/20557  View
223530 23209 CVE-2006-7105 XF:smarty-smarty-file-include(29603)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
52596 JVNDB-2007-001288 Coalescent Systems freePBX の upgrade.php における PHP リモートファイルインクルージョンの脆弱性 Coalescent Systems freePBX の upgrade.php は、PHP リモートファイルインクルージョンの脆弱性が存在します。 CVE-2006-7107 23209 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001288.html  View