Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files.

Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files.

Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is pro ...

Smarty Path Traversal Vulnerability

Уязвимость реализации метода isTrustedResourceDir класса Smarty_Security обработчика шаблонов для PHP Smarty, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации