Download
| Alert*
oval:org.secpod.oval:def:116084
Smarty is a template engine for PHP, facilitating the separation of presentation from application logic. This implies that PHP code is application logic, and is separated from the presentation. Autoloader: /usr/share/php/Smarty/autoload.php oval:org.secpod.oval:def:116090 Smarty is a template engine for PHP, facilitating the separation of presentation from application logic. This implies that PHP code is application logic, and is separated from the presentation. Autoloader: /usr/share/php/Smarty/autoload.php oval:org.secpod.oval:def:2001369 Smarty_Security::isTrustedResourceDir in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files. oval:org.secpod.oval:def:80410 smarty3: The compiling PHP template engine Several security issues were fixed in Smarty. oval:org.secpod.oval:def:706417 smarty3: The compiling PHP template engine Several security issues were fixed in Smarty. |