CVE-2007-2021

Name of the Vulnerable Software and Affected Versions Lore versions (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the lang path parameter to third party/phpmailer/class.phpmailer.php or the get plugin file path parameter to third party/smarty/libs/plugins/function.html checkboxes.php. It is noted that the affected files might be from other software packages, so this might not be a vulnerability in Lore itself.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.