4 matches found
DEBIAN-CVE-2012-4277
Cross-site scripting XSS vulnerability in the smartyfunctionhtmloptionsoptoutput function in distribution/libs/plugins/function.htmloptions.php in Smarty before 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-4277
Cross-site scripting XSS vulnerability in the smartyfunctionhtmloptionsoptoutput function in distribution/libs/plugins/function.htmloptions.php in Smarty before 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Information disclosure
The smartyfunctionmath function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third party information...
CVE-2009-1669
The smartyfunctionmath function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third party information...