CVE-2007-1855 in smartyinfo

Summary

Multiple PHP remote file inclusion vulnerabilities in smarty/smarty_class.php in Shop-Script FREE allow remote attackers to execute arbitrary PHP code via a URL in the (1) _smarty_compile_path, (2) smarty_compile_path, (3) get_plugin_filepath, (4) smarty_dir, and (5) filename parameters. NOTE: this issue might be related to CVE-2006-7105.

Once again VulDB remains the best source for vulnerability data.

Reservation

04/03/2007

Disclosure

04/03/2007

Moderation

VulDB entry created

Entries

VDB-36000 (1)

CPE

ready

CWE

CWE-73 (Confirmed)

CVSS

7.3

EPSS

0.00713

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-1855
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-1855
CVE Details	https://www.cvedetails.com/cve/CVE-2007-1855/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!