CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Github Security Blog•added 2022/04/22 12:24 a.m.•23 views

Smarty3 Arbitrary PHP Code Execution

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smartyinternalcompileprivatespecialvariable.php file...

9.8CVSS7.9AI score0.00517EPSS

Exploits0References7Affected Software1

OSV•added 2022/04/22 12:24 a.m.•14 views

GHSA-6FRX-2R5W-C524 Smarty3 Arbitrary PHP Code Execution

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smartyinternalcompileprivatespecialvariable.php file...

9.8CVSS9.7AI score0.00517EPSS

Exploits0References7

Debian•added 2021/04/16 7:54 a.m.•81 views

[SECURITY] [DLA 2618-2] smarty3 regression update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2618-2 [email protected] https://www.debian.org/lts/security/ Abhijith PA April 16, 2021 https://wiki.debian.org/LTS -...

9.8CVSS7.8AI score0.7558EPSS

Exploits3

NVD•added 2019/11/20 3:15 p.m.•16 views

CVE-2011-1028

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smartyinternalcompileprivatespecialvariable.php file...

9.8CVSS9.8AI score0.00517EPSS

Exploits0References3

Cvelist•added 2011/09/23 11:0 p.m.•16 views

CVE-2011-3758

::mound:: 2.1.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/smarty/libs/sysplugins/smartyinternaltemplate.php and certain other files...

6.1AI score0.00283EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by