VYPR
Unrated severityNVD Advisory· Published Feb 15, 2007· Updated Jun 16, 2026

CVE-2006-7019

CVE-2006-7019

Description

phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to execute arbitrary code via crafted arguments to the (1) text_evento and (2) email_eventonome_evento parameters to phpwcms_code_snippets/mail_file_form.php and sample_ext_php/mail_file_form.php, which is processed by the render_PHPcode function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Phpwcms/Phpwcms2 versions
    cpe:2.3:a:phpwcms:phpwcms:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:phpwcms:phpwcms:*:*:*:*:*:*:*:*range: <=1.1_rc3
    • (no CPE)range: <=1.2.5-DEV AND <1.1-RC4

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.