VDB

GCVE-110-MAGEIA-2018-118

GCVE-110-MAGEIA-2018-118
Advisory Published
Vulnetix · Advisory published February 6, 2018
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name(CVE-2017-1000480).

Affected Products

VendorProductVersionsPlatforms
Mageiaphp-smarty0 (affected), 3.1.21-3.1.mga6 (unaffected), 0 (affected), 3.1.21-3.1.mga6 (unaffected)
Mageiameta-task6-3.1.mga6 (unaffected), 0 (affected)
Mageiadrakx-net2.32.2-1.mga6 (unaffected), 0 (affected)
Mageiaphp-smarty0 (affected), 3.1.21-1.1.mga5 (unaffected), 0 (affected), 3.1.21-1.1.mga5 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›