Lucene search

PRIOn knowledge basePRION:CVE-2010-4727

HistoryFeb 03, 2011 - 5:00 p.m.

Design/Logic Flaw

2011-02-0317:00:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

58.3%

JSON

Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> tags, which has unspecified impact and remote attack vectors.

CPENameOperatorVersion
smartyeq1.4.3
smartyeq1.0
smartyeq1.0.98
smartyeq2.3.1
smartyeq2.6.0 rc3
smartyeq2.6.25
smartyeq1.4.0
smartyeq1.4.5
smartyeq2.6.1
smartyeq2.6.7

Name	Operator	Version
smarty	eq	1.4.3
smarty	eq	1.0
smarty	eq	1.0.98
smarty	eq	2.3.1
smarty	eq	2.6.0 rc3
smarty	eq	2.6.25
smarty	eq	1.4.0
smarty	eq	1.4.5
smarty	eq	2.6.1
smarty	eq	2.6.7

Rows per page:

1-10 of 641

References

smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt

7.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

58.3%

JSON

Related for PRION:CVE-2010-4727