5 matches found
CVE-2024-35226
Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. Al...
[SECURITY] Fedora 38 Update: php-Smarty-3.1.48-1.fc38
Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. This implies that PHP code is application logic, and is separated from the presentation. Autoloader: /usr/share/php/Smarty/autoload.php...
[SECURITY] Fedora 37 Update: php-Smarty-3.1.48-1.fc37
Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. This implies that PHP code is application logic, and is separated from the presentation. Autoloader: /usr/share/php/Smarty/autoload.php...
Fedora 36 : php-Smarty (2022-52154efd61)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-52154efd61 advisory. 3.1.47 - 2022-09-14 Security - Applied appropriate javascript and html escaping in mailto plugin to counter injection attacks 454 Fixed - Fixed use ...
[SECURITY] Fedora 28 Update: php-Smarty2-2.6.31-2.fc28
Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. This implies that PHP code is application logic, and is separated from the presentation...