CVE-2008-1066
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2008-1066
Status
Candidate
Description
The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a '\0' character in a search string.
Phase
Assigned (28.02.2008)
SecurityVulns:
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1066
References
CONFIRM :
http://blog.s9y.org/archives/191-Serendipity-1.3-b...
CONFIRM :
http://www.phpinsider.com/smarty-forum/viewtopic.p...
CONFIRM :
http://www.smarty.net/misc/NEWS
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Enter your search terms
Web
securityvulns.com
Submit search form
