CVE-2006-7193

Name of the Vulnerable Software and Affected Versions Smarty version 2.6.1

Description A remote file inclusion issue in the unit test/test cases.php file of Smarty allows remote attackers to execute arbitrary PHP code via a URL in the SMARTY DIR parameter.

Recommendations For Smarty version 2.6.1, consider restricting access to the unit test/test cases.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the SMARTY DIR parameter in the affected file until the issue is resolved.