7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
79.2%
DISPUTED PHP remote file inclusion vulnerability in
libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute
arbitrary PHP code via a URL in the filename parameter. NOTE: in the
original disclosure, filename is used in a function definition, so this
report is probably incorrect.