Smarty Vulnerabilità

Sequenza temporale

Versione

2.6.115
2.6.215
2.6.315
2.6.014
3.1.011

Contromisure

Official Fix27
Temporary Fix0
Workaround0
Unavailable2
Not Defined4

Sfruttabilità

High0
Functional0
Proof-of-Concept1
Unproven2
Not Defined30

Accesso al vettore

Not Defined0
Physical0
Local0
Adjacent2
Network31

Autenticazione

Not Defined0
High1
Low6
None26

Interazione dell'utente

Not Defined0
Required7
None26

C3BM Index

L'anno scorso

CVSSv3 Base

≤10
≤20
≤30
≤40
≤56
≤62
≤71
≤815
≤91
≤108

CVSSv3 Temp

≤10
≤20
≤30
≤40
≤56
≤62
≤712
≤84
≤91
≤108

VulDB

≤10
≤20
≤31
≤41
≤55
≤63
≤73
≤812
≤90
≤108

NVD

≤10
≤20
≤30
≤40
≤51
≤63
≤71
≤82
≤90
≤102

CNA

≤10
≤20
≤30
≤40
≤50
≤61
≤70
≤81
≤93
≤100

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k4
<2k8
<5k21
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k33
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

L'anno scorso

🔴 CTI Attività

Affected Versions (74): 2.6, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.18, 2.6.22, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.8, 3.1.9, 3.1.11, 3.1.12, 3.1.13, 3.1.14, 3.1.15, 3.1.16, 3.1.17, 3.1.18, 3.1.19, 3.1.21, 3.1.22, 3.1.23, 3.1.24, 3.1.25, 3.1.26, 3.1.27, 3.1.28, 3.1.29, 3.1.31, 3.1.32, 3.1.33, 3.1.33-dev-3, 3.1.34, 3.1.35, 3.1.36, 3.1.37, 3.1.38, 3.1.39, 3.1.41, 3.1.42, 3.1.43, 3.1.44, 3.1.45, 3.1.46, 3.1.47, 4, 4.0, 4.0.1, 4.0.2, 4.1, 4.2, 4.3, 9.0, 9.1, 9.2, 9.3, 9.4, 9.5, 9.6, 9.7, 9.8, 9.9

Tipo di software: Customer Relationship Management System

Data di pubblicazioneBaseTempVulnerabilità0dayOggiSfrConCTICVE
29/09/20234.44.4PressPage Entertainment Smarty Plugin cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2023-41661
26/07/20234.34.2Smarty Plugin displaySmartyManagementPage cross site request forgery$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2023-37992
29/03/20235.85.8Smarty cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2023-28447
15/09/20224.44.4Smarty function.mailto.php smarty_function_mailto cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2018-25047
25/05/20227.57.4Smarty escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-29221
11/01/20227.27.0Smarty Template escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2021-29454
11/01/20227.57.4Smarty Template escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-21408
22/02/20217.67.3Smarty Function escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-26120
22/02/20216.56.2Smarty Sandbox Mode $smarty.template_object escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-26119
06/02/20214.94.7New Media Smarty data.mdb crittografia debole$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-10375

23 non vengono visualizzate più voci

🔒 Login Required

You need to signup and login to see more of the remaining 23 results.

PrecedenteVisione D'insiemeIl prossimo

Do you need the next level of professionalism?

Upgrade your account now!