Description
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and (1) a dollar-sign character, aka "php executed in templates;" and (2) a double quoted literal string, aka a "function injection security hole." NOTE: each vector affects slightly different SVN revisions.
| Release | Status | Note |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | uses system smarty |
| hardy | ignored | end of life |
| intrepid | not-affected | uses system smarty |
| jaunty | not-affected | uses system smarty |
| karmic | not-affected | uses system smarty |
| lucid | not-affected | uses system smarty |
| maverick | not-affected | uses system smarty |
| natty | not-affected | uses system smarty |
| oneiric | not-affected | uses system smarty |
| Release | Status | Note |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | uses system smarty |
| hardy | released | 1.8.2-1ubuntu4.2 |
| intrepid | released | 1.8.2-1.2ubuntu2.1 |
| jaunty | not-affected | uses system smarty |
| karmic | not-affected | uses system smarty |
| lucid | not-affected | uses system smarty |
| maverick | not-affected | uses system smarty |
| natty | not-affected | uses system smarty |
| oneiric | not-affected | uses system smarty |
| Release | Status | Note |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | |
| gutsy | ignored | end of life, was needed |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needed |
| jaunty | not-affected | |
| karmic | not-affected | |
| lucid | not-affected | |
| maverick | not-affected | |
| natty | not-affected | |
EPSS
7.5 High
CVSS2