2 matches found
GHSA-2PMX-6MM6-6V72 Smarty arbitrary PHP code execution
Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "literal" in a template...
Debian DLA-452-1 : smarty3 security update
Smarty3, a template engine for PHP, allowed remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by 'literal' in a template. For Debian 7 'Wheezy', these problems have been fixed in version 3.1.10-2+deb7u1. We recommend that you upgrade your smart...