| CVE-2014-8350 |
high |
— |
7.5 |
|
|
|
12y ago |
Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "{literal}<{/literal}script language=php>" in a template. |
| CVE-2009-5054 |
high |
— |
7.5 |
|
|
|
16y ago |
Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operatio… |
| CVE-2012-4437 |
medium |
— |
4.3 |
|
|
|
14y ago |
Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors t… |
| CVE-2024-35226 |
unknown |
— |
— |
|
|
|
2y ago |
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. In affected versions template authors could inject php code by choosing a malicious… |
| CVE-2023-28447 |
unknown |
— |
— |
|
|
|
3y ago |
Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the cont… |
| CVE-2018-25047 |
unknown |
— |
— |
|
|
|
4y ago |
In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smarty_function_mailto, and that could be parameterized using GET or POST input paramet… |
| CVE-2022-29221 |
unknown |
— |
— |
|
|
|
4y ago |
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choos… |
| CVE-2017-1000480 |
unknown |
— |
— |
|
|
|
4y ago |
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name. |
| CVE-2018-16831 |
unknown |
— |
— |
|
|
|
4y ago |
Smarty before 3.1.33-dev-4 allows attackers to bypass the trusted_dir protection mechanism via a file:./../ substring in an include statement. |
| CVE-2018-13982 |
unknown |
— |
— |
|
|
|
4y ago |
Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the execut… |
| CVE-2011-1028 |
unknown |
— |
— |
|
|
|
4y ago |
The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file. |
| CVE-2021-21408 |
unknown |
— |
— |
|
|
|
4y ago |
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static ph… |
| CVE-2021-29454 |
unknown |
— |
— |
|
|
|
4y ago |
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.42 and 4.0.2, template authors could run arbitrary PHP code b… |
| CVE-2021-26119 |
unknown |
— |
— |
|
|
|
5y ago |
Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_object can be accessed in sandbox mode. |
| CVE-2021-26120 |
unknown |
— |
— |
|
|
|
5y ago |
Smarty before 3.1.39 allows code injection via an unexpected function name after a {function name= substring. |