Vulnerabilities > Smarty > Smarty > 2.6.10

DATE CVE VULNERABILITY TITLE RISK
2008-10-31 CVE-2008-4811 Permissions, Privileges, and Access Controls vulnerability in Smarty
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 r2797 and earlier allows remote attackers to execute arbitrary PHP code via vectors related to templates and a \ (backslash) before a dollar-sign character.
network
low complexity
smarty CWE-264
7.5
7.5
2008-10-31 CVE-2008-4810 Code Injection vulnerability in Smarty
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and (1) a dollar-sign character, aka "php executed in templates;" and (2) a double quoted literal string, aka a "function injection security hole." NOTE: each vector affects slightly different SVN revisions.
network
low complexity
smarty CWE-94
7.5
7.5
2008-02-28 CVE-2008-1066 Improper Input Validation vulnerability in Smarty
The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a '\0' character in a search string.
network
low complexity
smarty CWE-20
7.5
7.5