Описание
Smarty PHP code injection
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.
Пакеты
Наименование
smarty/smarty
composer
Затронутые версииВерсия исправления
>= 3, < 3.1.32
3.1.32
Связанные уязвимости
CVSS3: 9.8
ubuntu
около 8 лет назад
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.
CVSS3: 9.8
nvd
около 8 лет назад
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.
CVSS3: 9.8
debian
около 8 лет назад
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when call ...