CVE-2008-1066 in Smartyinfo

Summary

The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a \0 character in a search string.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

02/28/2008

Disclosure

02/28/2008

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
41269	Smarty modifier.regex_replace.php input validation	20	Not defined	Official fix	CVE-2008-1066

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸