16 matches found
EUVD-2021-2555
Malware in sbrugna...
Path manipulation
Description matyhtf framework v3.0.5 is affected by a path manipulation vulnerability in Smarty.class.php. The issue was fixed in version 3.0.6. References https://nvd.nist.gov/vuln/detail/CVE-2021-43676 https://github.com/matyhtf/framework/issues/206 matyhtf/framework@2508460...
Path manipulation
matyhtf framework v3.0.5 is affected by a path manipulation vulnerability in Smarty.class.php. The issue was fixed in version 3.0.6...
ThinkUp path traversal vulnerability
ThinkUp is a free, installable web application from ThinkUp USA, Inc. Used to gain insight into activity on social networks such as Twitter, Facebook and Instagram, ThinkUp has a security vulnerability that stems from the fact that ThinkUp 2.0-beta is affected by a path manipulation vulnerability...
Path Traversal
matyhtf/swooleframework is vulnerable to path traversal. An attacker can access files outside of the expected directory through the readfile function in Smarty.class.php...
GHSA-MH9J-V6MQ-PFCH Path manipulation in matyhtf/framework
matyhtf framework v3.0.5 is affected by a path manipulation vulnerability in Smarty.class.php. The issue was fixed in version 3.0.6...
Path manipulation in matyhtf/framework
matyhtf framework v3.0.5 is affected by a path manipulation vulnerability in Smarty.class.php. The issue was fixed in version 3.0.6...
CVE-2021-43676
matyhtf framework v3.0.5 is affected by a path manipulation vulnerability in Smarty.class.php...
Path traversal
matyhtf framework v3.0.5 is affected by a path manipulation vulnerability in Smarty.class.php...
CVE-2021-43676
CVE-2021-43676 affects matyhtf framework v3.0.5 via a path manipulation vulnerability in Smarty.class.php (path traversal). The issue is fixed in v3.0.6; public advisories note potential access to files outside the intended directory via _read_file in Smarty.class.php.
Path traversal
UNSUPPORTED WHEN ASSIGNED ThinkUp 2.0-beta.10 is affected by a path manipulation vulnerability in Smarty.class.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2021-43674
CVE-2021-43674 concerns ThinkUp 2.0-beta.10 and a vulnerability in Smarty.class.php that enables path traversal. The connected sources consistently identify this as a vulnerability affecting ThinkUp 2.0-beta.10 and note that it affects products no longer supported by the maintainer. No explicit e...
PT-2021-23903 · Thinkup · Thinkup
Name of the Vulnerable Software and Affected Versions: ThinkUp version 2.0-beta.10 Description: The issue is a path manipulation vulnerability in Smarty.class.php. This vulnerability only affects products that are no longer supported by the maintainer. Recommendations: For ThinkUp version...
2Moons 1.4 Remote File Inclusion
============================== 2Moons v1.4 RFI Vulnerability ============================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=0 0 . .--. .--. .---. . 1 1 .'| / | 0 0 | --: --: / .-.| .-. . . 1 1 | / | | | 0 0 '---' --' --' ' -'--'---| 1 1 ; 0 0 Site : 1337day.com -' 1 1 Suppor...
phpechocms v 2.0 rc3 RFI
--------------------------- [email protected] ------------------------- Web Application : phpechocms v 2.0 rc3 Flaw : RFI Severity : High path : http://site.com/kernel/smarty/Smarty.class.php line: 1163 include$smartycompilepath greetz to team d3hydr8,zugzwang,smasher,baltazar,icqbomber,vive...
[Full-disclosure] PsychoStats 3.0.6b and prior
newtheme variable only expects "sane" behaivor, no arguement or an arguement with any special character, etc.. will cause it to error and display the full path to $pathtohlstats/includes/smarty/Smarty.class.php $pathtohlstats/server.php?newcss=styles.css&newtheme=00 Ex: Warning: Smarty error:...