All 5 CVE vulnerabilities found in smarty, with AI-generated Chinese analysis, references, and POCs.
Vendor: smarty-php
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-35226 | PHP Code Injection by malicious attribute in extends-tag in Smarty CWE-94 | 7.3 | High | 2024-05-28 |
| CVE-2023-28447 | Cross site scripting vulnerability in Javascript escaping in smarty/smarty CWE-79 | 7.1 | High | 2023-03-28 |
| CVE-2022-29221 | PHP Code Injection by malicious block or filename in Smarty CWE-94 | 8.8 | High | 2022-05-24 |
| CVE-2021-21408 | Access to restricted PHP code by dynamic static class access in smarty CWE-20 | 8.8 | High | 2022-01-10 |
| CVE-2021-29454 | Sandbox Escape by math function in smarty CWE-74 | 8.1 | High | 2022-01-10 |
All 5 known CVE vulnerabilities affecting smarty with full Chinese analysis, references, and POCs where available.