Smarty/smarty

This hub aggregates every CVE we track for Smarty/smarty, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Smarty/smarty.

• CVE-2024-35226PHP Code Injection by malicious attribute in extends-tag in Smarty7.3May 28, 2024
• CVE-2023-28447Cross site scripting vulnerability in Javascript escaping in smarty/smarty7.1Mar 28, 2023
• CVE-2018-25047In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smarty_function_mailto, and that could be parameterized using GET or POST input param...5.4Sep 14, 2022
• CVE-2022-29221PHP Code Injection by malicious block or filename in Smarty8.8May 24, 2022
• CVE-2021-29454Sandbox Escape by math function in smarty8.1Jan 10, 2022
• CVE-2021-21408Access to restricted PHP code by dynamic static class access in smarty8.8Jan 10, 2022
• CVE-2021-26120Smarty before 3.1.39 allows code injection via an unexpected function name after a {function name= substring.9.8Feb 22, 2021
• CVE-2021-26119Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_object can be accessed in sandbox mode.7.5Feb 22, 2021
• CVE-2011-1028The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.9.8Nov 20, 2019
• CVE-2018-13982Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the exec...7.5Sep 18, 2018
• CVE-2018-16831Smarty before 3.1.33-dev-4 allows attackers to bypass the trusted_dir protection mechanism via a file:./../ substring in an include statement.5.9Sep 11, 2018
• CVE-2017-1000480Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.9.8Jan 3, 2018
• CVE-2014-8350Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "{literal}<{/literal}script language=php>" in a template.7.5Nov 3, 2014
• CVE-2012-4437Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...4.3Oct 1, 2012
• CVE-2009-5054Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operat...7.5Feb 3, 2011