CVE-2008-4811
The expandquotedtext function in libs/SmartyCompiler.class.php in Smarty 2.6.20 r2797 and earlier allows remote attackers to execute arbitrary PHP code via vectors related to templates and a \ backslash before a dollar-sign character...