← Back

Pointcomma

pointcomma

Vendor: Raphael Mazoyer • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2009-4220
1Raphael Mazoyer
1Pointcomma
Apr 23, 2026
Dec 7, 2009
N/A· v4
N/A· v3
7.5 HIGH· v2
PHP remote file inclusion vulnerability in includes/classes/pctemplate.php in PointComma 3.8b2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pcConfig[smartyPath] parameter.