CVE-2008-7034 Information

Description

PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class.php in PHPEcho CMS 2.0 rc3 allows remote attackers to execute arbitrary PHP code via a URL in unspecified vectors that modify the _smarty_compile_path variable in the fetch function.

Reference

http://archives.neohapsis.com/archives/bugtraq/2008-02/0401.html http://osvdb.org/51018 http://www.securityfocus.com/bid/27960 https://exchange.xforce.ibmcloud.com/vulnerabilities/40792