11 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-35226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could...
Ubuntu: Security Advisory (USN-7377-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-5830-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5830-1] smarty4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5830-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 12, 2024 https://www.debian.org/security/faq -...
Debian dsa-5830 : smarty4 - security update
The remote Debian 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5830 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5830-1 [email protected] https://www.debian.org/security/ Moritz...
Debian: Security Advisory (DSA-5826-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-35226
Smarty (PHP template engine) is affected; in affected versions, template authors can inject PHP code by supplying a malicious file name to an extends-tag, enabling potential code execution. Debian/Ubuntu advisories indicate patches exist (e.g., smarty4 fix in Debian DSA-5830; Ubuntu USN- has secu...
CVE-2024-35226 PHP Code Injection by malicious attribute in extends-tag in Smarty
Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. Al...
CVE-2024-35226
Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. Al...
CVE-2024-35226 PHP Code Injection by malicious attribute in extends-tag in Smarty
Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. Al...
CVE-2024-35226 PHP Code Injection by malicious attribute in extends-tag in Smarty
Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. Al...