CVE-2009-5054

CVE-2009-5054 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operations.

Learn more about our Web Application Penetration Testing UK.