CVE-2011-1028

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.

View Full Alert

Related Posts

  • CVE-2011-5328

    The user-access-manager plugin before 1.2 for WordPress has CSRF. View Full Alert

  • CVE-2011-1408

    ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks. View Full Alert

  • CVE-2011-5329

    The redirection plugin before 2.2.9 for WordPress has XSS in the admin menu, a different issue than CVE-2011-4562. View Full Alert