Product
smarty
32 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-41661 (affected: <= 3.1.35)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1

CVE-2023-28447 (affected: < 3.1.48)
Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploi

CVE-2018-25047 (affected: < 3.1.47)
In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smarty_function_ma

CVE-2022-29221 (affected: < 3.1.45)
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versi

CVE-2021-29454 (affected: < 3.1.42)
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versi

CVE-2021-21408 (affected: < 3.1.43)
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versi

CVE-2021-26120 (affected: < 3.1.39)
Smarty before 3.1.39 allows code injection via an unexpected function name after a {function name= substring.

CVE-2021-26119 (affected: < 3.1.39)
Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_object can be accessed in sandbox mode.

CVE-2020-10375 (affected: < 9.10)
An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be

CVE-2011-1028 (affected: >= 3.0.0 and < 3.0.7)
The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_interna

CVE-2018-13982 (affected: < 3.1.33)
Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient tem

CVE-2018-16831 (affected: >= 3.0.0 and <= 3.1.32)
Smarty before 3.1.33-dev-4 allows attackers to bypass the trusted_dir protection mechanism via a file:./../ substring in an includ

CVE-2017-1000480 (affected: >= 3.0.0 and < 3.1.32)
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that

CVE-2014-8350 (affected: <= 3.1.20)
Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated

CVE-2012-4437 (affected: all versions)
Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attac

CVE-2012-4277 (affected: <= 3.1.7)
Cross-site scripting (XSS) vulnerability in the smarty_function_html_options_optoutput function in distribution/libs/plugins/funct

CVE-2010-4727 (affected: <= 3.0.0)
Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> tags, which has unspecified impact and remote attack vectors.

CVE-2010-4726 (affected: <= 3.0.0)
Unspecified vulnerability in the math plugin in Smarty before 3.0.0 RC1 has unknown impact and remote attack vectors. NOTE: this

CVE-2010-4725 (affected: <= 3.0.0)
Smarty before 3.0.0 RC3 does not properly handle an on value of the asp_tags option in the php.ini file, which has unspecified imp

CVE-2010-4724 (affected: <= 3.0.0)
Multiple unspecified vulnerabilities in the parser implementation in Smarty before 3.0.0 RC3 have unknown impact and remote attack

CVE-2010-4723 (affected: <= 3.0.0)
Smarty before 3.0.0, when security is enabled, does not prevent access to the (1) dynamic and (2) private object members of an ass

CVE-2010-4722 (affected: <= 3.0.1)
Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors.

CVE-2009-5054 (affected: <= 2.6.26)
Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to

CVE-2009-5053 (affected: <= 3.0.0)
Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote attackers to execute arbitrary PHP code by injecting this co

CVE-2009-5052 (affected: <= 3.0.0)
Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 have unknown impact and attack vectors.

CVE-2009-1669 (affected: all versions)
The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute

CVE-2008-4811 (affected: all versions)
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 r2797 and earlier allows remote attackers to e

CVE-2008-4810 (affected: all versions)
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execut

CVE-2008-1066 (affected: <= 2.6.18)
The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers t

CVE-2006-7193 (affected: all versions)
PHP remote file inclusion vulnerability in unit_test/test_cases.php in Smarty 2.6.1 allows remote attackers to execute arbitrary P

CVE-2006-7105 (affected: all versions)
PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP

CVE-2005-0913 (affected: all versions)
Unknown vulnerability in the regex_replace modifier (modifier.regex_replace.php) in Smarty before 2.6.8 allows attackers to execut