CVE-2011-1028

Опубликовано: 20 нояб. 2019

Источник: debian

EPSS Низкий

Описание

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
smarty3	fixed	3.0.8-1		package
smarty	removed			package
smarty3	end-of-life		squeeze	package
smarty	end-of-life		squeeze	package

EPSS

Процентиль: 66%

0.00517

Низкий

Связанные уязвимости

CVE-2011-1028

CVSS3: 9.8

ubuntu

около 6 лет назад

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.

CVE-2011-1028

CVSS3: 9.8

nvd

около 6 лет назад

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.

GHSA-6frx-2r5w-c524

CVSS3: 9.8

github

больше 3 лет назад

Smarty3 Arbitrary PHP Code Execution

EPSS

Процентиль: 66%

0.00517

Низкий