Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

Mageia
Mageiaadded 2023/01/24 7:58 a.m.40 views

Updated php-smarty packages fix security vulnerability

It was discovered that there was a potential cross-site scripting vulnerability in smarty3, a widely-used PHP templating engine. In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smartyfunctionmailto, and that could be parameterized...

5.4CVSS3.1AI score0.00629EPSS
Exploits1References3
Mageia
Mageiaadded 2022/06/13 8:44 p.m.44 views

Updated php-smarty packages fix security vulnerability

Template authors could inject php code by choosing a malicious block name or include file name. CVE-2022-29221...

8.8CVSS2.7AI score0.25501EPSS
Exploits1References4
Mageia
Mageiaadded 2022/04/02 10:22 p.m.128 views

Updated php-smarty packages fix security vulnerability

Updated php-smarty packages to version 4 for php 8 compatibility and to fix security vulnerabilities...

9.8CVSS3.8AI score0.7558EPSS
Exploits4References3
OSV
OSVadded 2014/11/21 12:44 p.m.7 views

MGASA-2014-0468 Updated php-smarty packages fix security vulnerabilities

Cross-site scripting XSS vulnerability in the SmartyException class in Smarty aka smarty-php before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception CVE-2012-4437. Smarty before 3.1.21 allows remote attackers to bypass t...

7.5CVSS6AI score0.0057EPSS
Exploits1References3
Rows per page
Query Builder