Unrated severityNVD Advisory· Published May 21, 2007· Updated Jun 16, 2026
CVE-2007-2777
CVE-2007-2777
Description
Unrestricted file upload vulnerability in admin/addsptemplate.php in AlstraSoft Template Seller Pro 3.25 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary .php filename in the zip parameter, which is created under sptemplates/.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:alstrasoft:template_seller:*:*:pro:*:*:*:*:*+ 1 more
- cpe:2.3:a:alstrasoft:template_seller:*:*:pro:*:*:*:*:*range: <=3.25
- (no CPE)range: <=3.25
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.