CVE-2010-4727

Smarty <3.0.0 beta 7 - Code Injection

Title source: llm
STIX 2.1

Description

Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> tags, which has unspecified impact and remote attack vectors.

References (1)

Core 1
Core References

Scores

EPSS 0.0188
EPSS Percentile 77.0%

Details

CWE
CWE-20
Status published
Products (43)
smarty/smarty 1.0
smarty/smarty 1.0a
smarty/smarty 1.0b
smarty/smarty 1.1.0
smarty/smarty 1.2.0
smarty/smarty 1.2.1
smarty/smarty 1.2.2
smarty/smarty 1.3.0
smarty/smarty 1.3.1
smarty/smarty 1.3.2
... and 33 more
Published Feb 03, 2011
Tracked Since Feb 18, 2026