Lucene search
+L

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-35226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could...

7.3CVSS7AI score0.00507EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/03/28 12:0 a.m.8 views

Ubuntu: Security Advisory (USN-7377-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.2AI score0.00507EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/12/13 12:0 a.m.14 views

Debian: Security Advisory (DSA-5830-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.5AI score0.00507EPSS
Exploits0References2
Debian
Debian
added 2024/12/12 7:37 p.m.8 views

[SECURITY] [DSA 5830-1] smarty4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5830-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 12, 2024 https://www.debian.org/security/faq -...

7.3CVSS7.2AI score0.00507EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.11 views

Debian dsa-5830 : smarty4 - security update

The remote Debian 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5830 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5830-1 [email protected] https://www.debian.org/security/ Moritz...

7.3CVSS7.3AI score0.00507EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/12/11 12:0 a.m.18 views

Debian: Security Advisory (DSA-5826-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.1AI score0.01025EPSS
Exploits0References2
CVE
CVE
added 2024/05/28 8:55 p.m.108 views

CVE-2024-35226

Smarty (PHP template engine) is affected; in affected versions, template authors can inject PHP code by supplying a malicious file name to an extends-tag, enabling potential code execution. Debian/Ubuntu advisories indicate patches exist (e.g., smarty4 fix in Debian DSA-5830; Ubuntu USN- has secu...

7.3CVSS7AI score0.00507EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/28 8:55 p.m.53 views

CVE-2024-35226 PHP Code Injection by malicious attribute in extends-tag in Smarty

Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. Al...

7.3CVSS7.1AI score0.00507EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/05/28 8:55 p.m.81 views

CVE-2024-35226

Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. Al...

7.3CVSS7.1AI score0.00507EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/05/28 8:55 p.m.24 views

CVE-2024-35226 PHP Code Injection by malicious attribute in extends-tag in Smarty

Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. Al...

7.3CVSS7.2AI score0.00507EPSS
Exploits0References2
OSV
OSV
added 2024/05/28 8:55 p.m.24 views

CVE-2024-35226 PHP Code Injection by malicious attribute in extends-tag in Smarty

Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. Al...

7.3CVSS7.3AI score0.00507EPSS
Exploits0References5
Rows per page
Query Builder