{"id":"CVE-2011-1028","details":"The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.","aliases":["GHSA-6frx-2r5w-c524"],"modified":"2026-04-10T03:41:40.140094Z","published":"2019-11-20T15:15:11Z","references":[{"type":"ADVISORY","url":"https://seclists.org/oss-sec/2011/q1/313"},{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2011-1028"},{"type":"ARTICLE","url":"https://seclists.org/oss-sec/2011/q1/313"},{"type":"WEB","url":"https://access.redhat.com/security/cve/cve-2011-1028"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}