| Max CVSS | 7.5 | Min CVSS | 7.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-4811 | 7.5 |
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 r2797 and earlier allows remote attackers to execute arbitrary PHP code via vectors related to templates and a \ (backslash) before a dollar-sign character.
|
08-08-2017 - 01:32 | 31-10-2008 - 18:09 | |
| CVE-2008-4810 | 7.5 |
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and (1) a dollar-sign character, aka "php executed in templates;"
|
08-08-2017 - 01:32 | 31-10-2008 - 18:09 |