Описание
The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a '\0' character in a search string.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life, was needed |
| devel | not-affected | 2.2.5-1 |
| feisty | ignored | end of life, was needed |
| gutsy | ignored | end of life, was needed |
| hardy | ignored | end of life, was needed |
| upstream | released | 2.2.5-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.6.11-1ubuntu0.1 |
| devel | released | 2.6.18-1ubuntu3 |
| edgy | released | 2.6.14-1ubuntu0.6.10.1 |
| feisty | released | 2.6.14-1ubuntu0.7.04.1 |
| gutsy | released | 2.6.18-1ubuntu2.1 |
| upstream | released | 2.6.19 |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a '\0' character in a search string.
The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used ...
The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a '\0' character in a search string.
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
7.5 High
CVSS2