Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
smarty vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-7193
PHP remote file inclusion vulnerability in unit_test/test_cases.php in Smarty 2.6.1 allows remote malicious users to execute arbitrary PHP code via a URL in the SMARTY_DIR parameter. NOTE: this issue is disputed by CVE and a third party because SMARTY_DIR is a constant
Smarty Smarty 2.6.1
7.5
CVSSv2
CVE-2007-1987
Multiple PHP remote file inclusion vulnerabilities in PHPEcho CMS 2.0 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) _plugin_file parameter to smarty/internals/core.load_pulgins.php or the (2) root_path parameter to index.php. NOTE: CVE disputes (...
Phpecho Cms Phpecho Cms 2.0
7.5
CVSSv2
CVE-2007-1855
Multiple PHP remote file inclusion vulnerabilities in smarty/smarty_class.php in Shop-Script FREE allow remote malicious users to execute arbitrary PHP code via a URL in the (1) _smarty_compile_path, (2) smarty_compile_path, (3) get_plugin_filepath, (4) smarty_dir, and (5) filena...
Webasyst Llc Shop-script
7.5
CVSSv2
CVE-2006-7105
PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote malicious users to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original disclosure, filename is used in a function definition, so this report is probabl...
Smarty Smarty 2.6.9
7.5
CVSSv2
CVE-2005-0913
Unknown vulnerability in the regex_replace modifier (modifier.regex_replace.php) in Smarty prior to 2.6.8 allows malicious users to execute arbitrary PHP code.
Smarty Smarty 2.6.6
Smarty Smarty 2.6.4
Smarty Smarty 2.6.5
Smarty Smarty 2.6.2
Smarty Smarty 2.6.3
Smarty Smarty 2.6.7
3.5
CVSSv2
CVE-2004-1865
Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via a blog name ($blogname). NOTE: if administrators are normally allowed to add HTML by other me...
Bblog Bblog 0.7.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7