CVE

Id
23297  
CVE No.
CVE-2006-7193  
Status
Candidate  
Description
** DISPUTED ** PHP remote file inclusion vulnerability in unit_test/test_cases.php in Smarty 2.6.1 allows remote attackers to execute arbitrary PHP code via a URL in the SMARTY_DIR parameter. NOTE: this issue is disputed by CVE and a third party because SMARTY_DIR is a constant.  
Phase
Assigned (20070412)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
224182 23297 CVE-2006-7193 BUGTRAQ:20061023 Smarty-2.6.1 Remote File Include Vulnerabilities  View
224183 23297 CVE-2006-7193 URL:http://marc.info/?l=bugtraq&m=116163668213491&w=2  View
224184 23297 CVE-2006-7193 BUGTRAQ:20061024 Re: Smarty-2.6.1 Remote File Include Vulnerabilities  View
224185 23297 CVE-2006-7193 URL:http://marc.info/?l=bugtraq&m=116170769322920&w=2  View
224186 23297 CVE-2006-7193 OSVDB:31096  View
224187 23297 CVE-2006-7193 URL:http://osvdb.org/31096  View
224188 23297 CVE-2006-7193 XF:smarty-test-file-include(29739)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
51636 JVNDB-2007-000299 Apache Tomcat の implicit-objects.jsp におけるクロスサイトスクリプティングの脆弱性 Apache Tomcat の implicit-objects.jsp には特定のヘッダの処理に不備が存在するために、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2006-7195 23297 4.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000299.html  View