Lucene search
K

4 matches found

CNNVD
CNNVD
added 2026/03/05 12:0 a.m.11 views

Astroid Template Framework 代码问题漏洞

Astroid Template Framework is an open-source Joomla template development framework developed by Astroid. The Astroid Template Framework has code vulnerabilities, which stem from inadequate protection of the file management function. This could allow unverified users to upload dangerous data types...

10CVSS6AI score0.00471EPSS
Exploits1References1
Fedora
Fedora
added 2014/11/05 3:57 a.m.19 views

[SECURITY] Fedora 20 Update: php-Smarty-3.1.21-1.fc20

Although Smarty is known as a "Template Engine", it would be more accurately described as a "Template/Presentation Framework." That is, it provides the programmer and template designer with a wealth of tools to automate tasks commonly dealt with at the presentation layer of an application. I stre...

7.5CVSS1.2AI score0.03127EPSS
Exploits1
seebug.org
seebug.org
added 2011/08/22 12:0 a.m.77 views

Smarty3远程代码执行漏洞

Smarty是PHP下广泛使用的前端模板框架。但由于Smarty3引入了新的特性,导致在某些情况下,可以利用特性组合直接远程执行任意代码。 由于Smarty3中引入了两个特性: 1、如果display,fetch等方法的模板路径参数接受到的模板文件名是以“string:”或者“eval:”开头的,smarty3就会将此后的字符串值作为模板文件内容,重新编译并执行之。参考连接:http://www.smarty.net/docs/en/template.resources.tpltemplates.from.string...

7.1AI score
Exploits0
Fedora
Fedora
added 2008/11/07 2:52 a.m.32 views

[SECURITY] Fedora 9 Update: php-Smarty-2.6.20-2.fc9

Although Smarty is known as a "Template Engine", it would be more accurately described as a "Template/Presentation Framework." That is, it provides the programmer and template designer with a wealth of tools to automate tasks commonly dealt with at the presentation layer of an application. I stre...

7.5CVSS1.2AI score0.01644EPSS
Exploits0
Rows per page
Query Builder