CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-35226 – PHP Code Injection by malicious attribute in extends-tag in Smarty
https://notcve.org/view.php?id=CVE-2024-35226
28 May 2024 — Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. All users are advised to update. There is no patch for users on the v3 branch. • https://github.com/smarty-php/smarty/commit/0be92bc8a6fb83e6e0d883946f7e7c09ba4e857a • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.1EPSS: 1%CPEs: 5EXPL: 1CVE-2023-28447 – Cross site scripting vulnerability in Javascript escaping in smarty/smarty
https://notcve.org/view.php?id=CVE-2023-28447
28 Mar 2023 — Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user. Users are advised to upgrade to either version 3.1.48 or to 4.3.1 to resolve this issue. • https://github.com/drkbcn/lblfixer_cve_2023_28447 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-25047 – Ubuntu Security Notice USN-7158-1
https://notcve.org/view.php?id=CVE-2018-25047
14 Sep 2022 — In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smarty_function_mailto, and that could be parameterized using GET or POST input parameters, could allow injection of JavaScript code by a user. En Smarty versiones anteriores a 3.1.47 y 4.x anteriores a 4.2.1, el archivo libs/plugins/function.mailto.php permite un ataque de tipo XSS. Una página web que usa smarty_function_mailto, y que pueda ser parametrizada usando parámetros de entrada GET o POS... • https://bugs.gentoo.org/870100 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 16%CPEs: 7EXPL: 1CVE-2022-29221 – PHP Code Injection by malicious block or filename in Smarty
https://notcve.org/view.php?id=CVE-2022-29221
24 May 2022 — Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds. Smarty es un motor de plantillas para PHP, que facilita la separación de la presentación (HTM... • https://github.com/sbani/CVE-2022-29221-PoC • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-29454 – Sandbox Escape by math function in smarty
https://notcve.org/view.php?id=CVE-2021-29454
10 Jan 2022 — Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.42 and 4.0.2, template authors could run arbitrary PHP code by crafting a malicious math string. If a math string was passed through as user provided data to the math function, external users could run arbitrary PHP code by crafting a malicious math string. Users should upgrade to version 3.1.42 or 4.0.2 to receive a patch. Smarty es un motor de plantillas para PHP que fa... • https://github.com/smarty-php/smarty/commit/215d81a9fa3cd63d82fb3ab56ecaf97cf1e7db71 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-21408 – Access to restricted PHP code by dynamic static class access in smarty
https://notcve.org/view.php?id=CVE-2021-21408
10 Jan 2022 — Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static php methods. Users should upgrade to version 3.1.43 or 4.0.3 to receive a patch. Smarty es un motor de plantillas para PHP que facilita la separación de la presentación (HTML/CSS) de la lógica de la aplicación. Antes de las versiones 3.1.43 y 4.0.3, los autores de plantillas podían ejecutar métodos estáticos restr... • https://github.com/smarty-php/smarty/commit/19ae410bf56007a5ef24441cdc6414619cfaf664 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-10375
https://notcve.org/view.php?id=CVE-2020-10375
05 Feb 2021 — An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product. Se detectó un problema en New Media Smarty versiones anteriores a 9.10. • https://www.smarty-online.de • CWE-326: Inadequate Encryption Strength •