Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2008/11/07 12:0 a.m.38 views

Fedora 8 : php-Smarty-2.6.20-2.fc8 (2008-9401)

Sun Nov 2 2008 Christopher Stone 2.6.20-2 - Add security patch bz 469648 - Add RHL dist tag conditional for Requires - Mon Oct 13 2008 Christopher Stone 2.6.20-1 - Upstream sync Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

7.5CVSS5.3AI score0.01644EPSS
Exploits0References3
NVD
NVD
added 2008/10/31 6:9 p.m.18 views

CVE-2008-4810

The expandquotedtext function in libs/SmartyCompiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and 1 a dollar-sign character, aka "php executed in templates;" and 2 a double quoted literal string, aka a "function...

7.5CVSS7.6AI score0.02187EPSS
Exploits0References10
Prion
Prion
added 2008/10/31 6:9 p.m.19 views

Code injection

The expandquotedtext function in libs/SmartyCompiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and 1 a dollar-sign character, aka "php executed in templates;" and 2 a double quoted literal string, aka a "function...

7.5CVSS7.8AI score0.02187EPSS
Exploits0References10Affected Software1
UbuntuCve
UbuntuCve
added 2008/10/31 12:0 a.m.29 views

CVE-2008-4810

The expandquotedtext function in libs/SmartyCompiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and 1 a dollar-sign character, aka "php executed in templates;" and 2 a double quoted literal string, aka a "function...

7.5CVSS6.2AI score0.02187EPSS
Exploits0References2
securityvulns
securityvulns
added 2008/10/24 12:0 a.m.6446 views

Smarty 2.6.20 php injection

2008-10-22 числа Secunia.com была найдена уязвимость в функции expandquotedtext полный текст http://secunia.com/Advisories/32329/. Разработчики попытались исправить уязвимость как видно из их кода http://smarty-php.googlecode.com/svn/trunk/libs/SmartyCompiler.class.php путем экранированием символ...

7.1AI score
Exploits0
Rows per page
Query Builder