CVE-2008-7034

PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class.php in PHPEcho CMS 2.0 rc3 allows remote attackers to execute arbitrary PHP code via a URL in unspecified vectors that modify the _smarty_compile_path variable in the fetch function.

Date published : 2009-08-24

http://www.securityfocus.com/bid/27960

http://archives.neohapsis.com/archives/bugtraq/2008-02/0401.html