cbcvebase.
CVE-2009-5053
published 2011-02-03

CVE-2009-5053: Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote attackers to execute arbitrary PHP code by injecting this code into a cache file.

PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.09%
79.3th percentile
Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote attackers to execute arbitrary PHP code by injecting this code into a cache file.

Affected

57 ranges· showing 25
VendorProductVersion rangeFixed in
debiansmarty3< smarty3 3.0~rc1-1 (bookworm)smarty3 3.0~rc1-1 (bookworm)
smartysmarty<= 3.0.0
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty
smartysmarty

CVSS provenance

nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.