
CVSS: 10.0 • EPSS: 0% • CPEs: 66 • EXPL: 0

03 Feb 2011 — Unspecified vulnerability in the math plugin in Smarty before 3.0.0 RC1 has unknown impact and remote attack vectors. NOTE: this might overlap CVE-2009-1669. • http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt

CVSS: 10.0 • EPSS: 0% • CPEs: 64 • EXPL: 0

03 Feb 2011 — Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> tags, which has unspecified impact and remote attack vectors. • http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt • CWE-20: Improper Input Validation

CVSS: 9.8 • EPSS: 1% • CPEs: 56 • EXPL: 0

31 Oct 2008 — The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and (1) a dollar-sign character, aka "php executed in templates;" and (2) a double quoted literal string, aka a "function injection security hole." NOTE: each vector affects slightly different SVN revisions. • http://code.google.com/p/smarty-php/source/detail?r=2784&path=/trunk/libs/Smarty_Compiler.class.php • CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 9.8 • EPSS: 1% • CPEs: 57 • EXPL: 0

31 Oct 2008 — The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 r2797 and earlier allows remote attackers to execute arbitrary PHP code via vectors related to templates and a \ (backslash) before a dollar-sign character. • http://secunia.com/advisories/32329 • CWE-264: Permissions, Privileges, and Access Controls

CVSS: 9.8 • EPSS: 1% • CPEs: 1 • EXPL: 0

28 Feb 2008 — The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a '\0' character in a search string. • http://blog.s9y.org/archives/191-Serendipity-1.3-beta1-released.html • CWE-20: Improper Input Validation

CVSS: 9.8 • EPSS: 0% • CPEs: 6 • EXPL: 0

29 Mar 2005 — Unknown vulnerability in the regex_replace modifier (modifier.regex_replace.php) in Smarty before 2.6.8 allows attackers to execute arbitrary PHP code. • http://news.php.net/php.smarty.dev/2673