" in a template (CVE-2..."/> " in a template (CVE-2..."/> " in a template (CVE-2..."/>
VDB

GCVE-110-MAGEIA-2014-469

GCVE-110-MAGEIA-2014-469
Advisory Published
Vulnetix · Advisory published November 21, 2014
Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "{literal}<{/literal}script language=php>" in a template (CVE-2014-8350).

Affected Products

VendorProductVersionsPlatforms
Mageiaphp-smarty3.1.21-1.mga4 (unaffected), 0 (affected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›