Published: 02/05/2007 Updated: 14/02/2024

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

PHP remote file inclusion vulnerability in resources/includes/class.Smarty.php in Pixaria Gallery prior to 1.4.3 allows remote malicious users to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pixaria pixaria gallery 1.2.1
pixaria pixaria gallery 1.0.5
pixaria pixaria gallery 1.1.1
pixaria pixaria gallery 1.4
pixaria pixaria gallery 1.1.5
pixaria pixaria gallery 1.1.6
pixaria pixaria gallery 1.3.3
pixaria pixaria gallery 1.2
pixaria pixaria gallery 1.0.3
pixaria pixaria gallery 1.3
pixaria pixaria gallery 1.1.3
pixaria pixaria gallery 1.4.1
pixaria pixaria gallery 1.4.2
pixaria pixaria gallery 1.1.4
pixaria pixaria gallery 1.0.2
pixaria pixaria gallery 1.0.4
pixaria pixaria gallery 1.3.1
pixaria pixaria gallery 1.1
pixaria pixaria gallery 1.1.2
pixaria pixaria gallery 1.3.2
pixaria pixaria gallery 1.0.1

Pixaria Gallery 1x (classSmartyphp) Remote File Include Vulnerability ----------------------------------------------------------------------------------------- # scripts : Pixaria Gallery 1x # Discovered By : irvian # scripts site : pixariacom/ # Thanks To : #hitamputih #nyubicrew #patihack # special To : ...

NVD-CWE-Other http://pixaria.com/index.history.php http://www.pixaria.com/news/article/70/http://www.pixaria.com/news/article/71/http://www.securityfocus.com/bid/23489 http://secunia.com/advisories/24821 http://osvdb.org/34976 http://www.vupen.com/english/advisories/2007/1390 https://exchange.xforce.ibmcloud.com/vulnerabilities/33662 https://www.exploit-db.com/exploits/3733 http://www.securityfocus.com/archive/1/465847/100/200/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/3733/

CVE-2007-2457

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect