Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2018-0118)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.03124EPSS
Exploits0References3
OSV
OSV
added 2018/02/06 3:35 p.m.10 views

MGASA-2018-0118 Updated php-smarty packages fix security vulnerability

Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template nameCVE-2017-1000480...

9.8CVSS9.7AI score0.03124EPSS
Exploits0References2
Mageia
Mageia
added 2018/02/06 3:35 p.m.30 views

Updated php-smarty packages fix security vulnerability

Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template nameCVE-2017-1000480...

9.8CVSS1.4AI score0.03124EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/01/23 12:0 a.m.22 views

Debian DSA-4094-1 : smarty3 - security update

It was discovered that Smarty, a PHP template engine, was vulnerable to code-injection attacks. An attacker was able to craft a filename in comments that could lead to arbitrary code execution on the host running Smarty. C Tenable Network Security, Inc. The descriptive text and package checks in...

9.8CVSS9AI score0.03124EPSS
Exploits0References6
Debian
Debian
added 2018/01/22 10:48 p.m.75 views

[SECURITY] [DSA 4094-1] smarty3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4094-1 [email protected] https://www.debian.org/security/ January 22, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------...

9.8CVSS9AI score0.03124EPSS
Exploits0
NVD
NVD
added 2018/01/03 6:29 p.m.31 views

CVE-2017-1000480

Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name...

9.8CVSS8.8AI score0.03124EPSS
Exploits0References4
OSV
OSV
added 2018/01/03 6:29 p.m.31 views

CVE-2017-1000480

Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name...

9.8CVSS9.9AI score0.03124EPSS
Exploits0References4
CVE
CVE
added 2018/01/03 6:0 p.m.91 views

CVE-2017-1000480

Smarty 3.x before 3.1.32 is vulnerable to PHP code injection when fetch() or display() are used on custom resources that do not sanitize the template name. Root cause: unsanitized template-name handling in Smarty’s fetch/display paths can lead to arbitrary code execution in PHP contexts. The CVE ...

9.8CVSS8.6AI score0.03124EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder