Page 2 of 32 results (0.008 seconds)

CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0

Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.42 and 4.0.2, template authors could run arbitrary PHP code by crafting a malicious math string. If a math string was passed through as user provided data to the math function, external users could run arbitrary PHP code by crafting a malicious math string. Users should upgrade to version 3.1.42 or 4.0.2 to receive a patch. Smarty es un motor de plantillas para PHP que facilita la separación de la presentación (HTML/CSS) de la lógica de la aplicación. • https://github.com/smarty-php/smarty/commit/215d81a9fa3cd63d82fb3ab56ecaf97cf1e7db71 https://github.com/smarty-php/smarty/releases/tag/v3.1.42 https://github.com/smarty-php/smarty/releases/tag/v4.0.2 https://github.com/smarty-php/smarty/security/advisories/GHSA-29gp-2c3m-3j6m https://lists.debian.org/debian-lts-announce/2022/05/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ https://lists.fedoraproject.org/archives/l • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0

Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static php methods. Users should upgrade to version 3.1.43 or 4.0.3 to receive a patch. Smarty es un motor de plantillas para PHP que facilita la separación de la presentación (HTML/CSS) de la lógica de la aplicación. Antes de las versiones 3.1.43 y 4.0.3, los autores de plantillas podían ejecutar métodos estáticos restringidos de php. • https://github.com/smarty-php/smarty/commit/19ae410bf56007a5ef24441cdc6414619cfaf664 https://github.com/smarty-php/smarty/releases/tag/v3.1.43 https://github.com/smarty-php/smarty/releases/tag/v4.0.3 https://github.com/smarty-php/smarty/security/advisories/GHSA-4h9c-v5vg-5m6m https://lists.debian.org/debian-lts-announce/2022/05/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ https://lists.fedoraproject.org/archives/l • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0

Smarty before 3.1.39 allows code injection via an unexpected function name after a {function name= substring. Smarty versiones anteriores a 3.1.39, permite una inyección de código por medio de un nombre de función no previsto después de una subcadena {function name= • https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html https://lists.debian.org/debian-lts-announce/2021/04/msg00014.html https://security.gentoo.org/glsa/202105-06 https://www.debian.org/security/2022/dsa-5151 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_object can be accessed in sandbox mode. Smarty versiones anteriores a 3.1.39, permite un Escape del Sandbox porque un $smarty.template_object puede ser accedido en el modo sandbox • https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html https://lists.debian.org/debian-lts-announce/2021/04/msg00014.html https://security.gentoo.org/glsa/202105-06 https://www.debian.org/security/2022/dsa-5151 •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file. La variable $smarty.template en Smarty3 permite a atacantes posiblemente ejecutar código PHP arbitrario por medio del archivo sysplugins/smarty_internal_compile_private_special_variable.php. • https://access.redhat.com/security/cve/cve-2011-1028 https://seclists.org/oss-sec/2011/q1/313 https://security-tracker.debian.org/tracker/CVE-2011-1028 • CWE-20: Improper Input Validation •