Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist smarty/smarty Security Advisories

Browse all Security Advisories for packagist smarty/smarty

Loading...
High
GSA_kwCzR0hTQS00cm1nLTI5Mm0td2czd84AA8jS
Smarty vulnerable to PHP Code Injection by malicious attribute in extends-tag
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: 6 months ago
High
GSA_kwCzR0hTQS03ajk4LWg3ZnAtNHZ3as4AAyaT
smarty Cross-site Scripting vulnerability in Javascript escaping
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1od3E3LTV2djktYzZjZs4AAu1C
Smarty Cross-site Scripting vulnerability in pages that use smarty_function_mailto
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: about 2 years ago
High
GSA_kwCzR0hTQS02MzR4LXBjM3EtY2Y0Y84AArNC
PHP Code Injection by malicious block or filename in Smarty
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 29.7
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS05Z3FqLXBwdjItZjJocc4AAdhH
Cross-site Scripting in SmartyException
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS0ycG14LTZtbTYtNnY3Ms4AAZWA
Smarty arbitrary PHP code execution
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS05bTQ5LXZod3YtNDIyZ84AAXdy
Smarty PHP code injection
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS02NWo1LXZwbTctNnhwNM4AAU0X
Smarty Path Traversal Vulnerability
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: over 2 years ago
High
GSA_kwCzR0hTQS03Z2Z4LXd4ZmgtN3J2bc3rxw
Smarty Path Traversal Vulnerability
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS02bTlmLTh2d3EtOTdwbc3Rzg
Smarty Does Not Consider Umask Values When Setting Permissions
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS02ZnJ4LTJyNXctYzUyNM0_IA
Smarty3 Arbitrary PHP Code Execution
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: over 2 years ago
High
GSA_kwCzR0hTQS00aDljLXY1dmctNW02bc0hUA
Access to restricted PHP code by dynamic static class access in smarty
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 29.7
Published: almost 3 years ago
High
GSA_kwCzR0hTQS0yOWdwLTJjM20tM2o2bc0hTw
Sandbox Escape by math function in smarty
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 27.3
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc1aHItam00ai05anZx
Sandbox escape through template_object in smarty
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNycGYtNXJxdi02ODlx
PHP Code Injection by malicious function name in smarty
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: over 3 years ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 2
Ecosystems: 12
Filter by Severity
Moderate 8,836 High 7,269 Critical 3,070 Low 1,144
Filter by Ecosystem
maven 5,864 packagist 4,634 pypi 4,352 npm 3,812 go 2,295 nuget 1,552 cargo 882 rubygems 880 swift 33 hex 32 actions 20 pub 9
Filter by Package
moodle/moodle 367 magento/community-edition 235 typo3/cms 174 pimcore/pimcore 118 dolibarr/dolibarr 113 typo3/cms-core 106 microweber/microweber 94 phpmyadmin/phpmyadmin 92 drupal/core 92 silverstripe/framework 85 drupal/drupal 78 librenms/librenms 74 thorsten/phpmyfaq 70 symfony/symfony 69 concrete5/concrete5 60 shopware/platform 52 baserproject/basercms 47 craftcms/cms 46 showdoc/showdoc 40 shopware/core 40 intelliants/subrion 39 froxlor/froxlor 38 mautic/core 37 nilsteampassnet/teampass 37 snipe/snipe-it 35 zendframework/zendframework1 34 shopware/shopware 30 getgrav/grav 29 mediawiki/core 28 centreon/centreon 27 prestashop/prestashop 26 magento/core 24 contao/core-bundle 24 simplesamlphp/simplesamlphp 23 remdex/livehelperchat 23 zendframework/zendframework 23 pocketmine/pocketmine-mp 23 grumpydictator/firefly-iii 23 getkirby/cms 22 tribalsystems/zenario 22 laravel/framework 20 funadmin/funadmin 20 contao/contao 19 forkcms/forkcms 18 topthink/framework 18 cockpit-hq/cockpit 18 ezsystems/ezpublish-kernel 17 opencart/opencart 17 symfony/security 17 cakephp/cakephp 17 francoisjacquet/rosariosis 17 genix/cms 17 openmage/magento-lts 16 typo3/cms-backend 16 yetiforce/yetiforce-crm 16 phpbb/phpbb 16 symfony/security-http 15 october/system 15 smarty/smarty 15 ec-cube/ec-cube 15 phpmailer/phpmailer 14 dompdf/dompdf 14 bolt/bolt 14 silverstripe/cms 14 feehi/cms 14 elefant/cms 13 impresscms/impresscms 13 sylius/sylius 13 lavalite/cms 13 pimcore/admin-ui-classic-bundle 13 studio-42/elfinder 13 codeigniter4/framework 13 admidio/admidio 13 symfony/http-foundation 12 phpoffice/phpspreadsheet 12 phpmyfaq/phpmyfaq 12 wwbn/avideo 12 tinymce/tinymce 11 wallabag/wallabag 11 nukeviet/nukeviet 11 ezsystems/ezplatform-kernel 11 pagekit/pagekit 11 feehi/feehicms 11 TinyMCE 11 tinymce 11 ssddanbrown/bookstack 10 sulu/sulu 10 ezsystems/ezpublish-legacy 10 october/october 10 yiisoft/yii2 10 bootstrap 9 twbs/bootstrap 9 statamic/cms 9 bootstrap 9 org.webjars:bootstrap 9 contao/core 9 bootstrap 9 kevinpapst/kimai2 9 concrete5/core 9 alextselegidis/easyappointments 9 ezsystems/ezplatform-admin-ui 8 facturascripts/facturascripts 8 mantisbt/mantisbt 8 silverstripe/graphql 8 silverstripe/admin 8 codiad/codiad 8 croogo/croogo 8 composer/composer 8 october/cms 8 twig/twig 8 pterodactyl/panel 8 pimcore/customer-management-framework-bundle 8 gilacms/gila 8 symfony/http-kernel 7 bootstrap-sass 7 backdrop/backdrop 7 wpglobus/wpglobus 7 flarum/core 7 october/backend 7 passbolt/passbolt_api 7 billz/raspap-webgui 7 bootstrap.sass 7 yourls/yourls 6 guzzlehttp/guzzle 6 gleez/cms 6 nystudio107/craft-seomatic 6 pear/archive_tar 6 in2code/femanager 6 phpseclib/phpseclib 6 yiisoft/yii2-dev 6 vrana/adminer 6 directmailteam/direct-mail 6 icecoder/icecoder 6 oro/platform 6 bagisto/bagisto 6 zoujingli/thinkadmin 6 dweeves/magmi 6 typo3/flow 5 phpxmlrpc/phpxmlrpc 5 symfony/security-core 5 woocommerce/woocommerce 5 anchorcms/anchor-cms 5 silverstripe/assets 5 simplesamlphp/saml2 5 mautic/core-lib 5 thinkcmf/thinkcmf 5 bootstrap-sass 5 illuminate/database 5 symfony/security-bundle 5 elgg/elgg 5 limesurvey/limesurvey 5 typo3/cms-install 5 neos/neos 5 phpservermon/phpservermon 5 gugoan/economizzer 5 bottelet/flarepoint 5 ibexa/core 5 codeigniter/framework 5 neos/flow 5 cachethq/cachet 5 kimai/kimai 5 friendsofsymfony/user-bundle 4 magento/product-community-edition 4 wp-premium/gravityforms 4 shopware/storefront 4 codeigniter4/shield 4 typo3/html-sanitizer 4 pyrocms/pyrocms 4 ezyang/htmlpurifier 4 shopxo/shopxo 4 oro/commerce 4 automad/automad 4 evolutioncms/evolution 4 zendframework/zendopenid 4 reportico-web/reportico 4 modx/revolution 4 bref/bref 4 sylius/resource-bundle 4 adodb/adodb-php 4 ezsystems/ezplatform 4 typo3/cms-frontend 4 spatie/browsershot 4 notrinos/notrinos-erp 4 appwrite/server-ce 4 idno/known 4 wintercms/winter 4 processwire/processwire 4 bytefury/crater 4 joomla/joomla-cms 3 getformwork/formwork 3 orchid/platform 3 enhavo/enhavo-app 3 joomla/framework 3 pixelfed/pixelfed 3 quickapps/cms 3 enshrined/svg-sanitize 3 aimeos/ai-admin-graphql 3 symfony/form 3 tecnickcom/tcpdf 3 redaxo/source 3
Filter by Repository
https://github.com/smarty-php/smarty 12