Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getsymphony symphony 2.0.7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-2559
SQL injection vulnerability in Symphony CMS prior to 2.3.2 allows remote authenticated users to execute arbitrary SQL commands via the sort parameter to system/authors/. NOTE: this can be leveraged using CSRF to allow remote unauthenticated malicious users to execute arbitrary SQ...
Getsymphony Symphony 2.0.4
Getsymphony Symphony 2.0.5
Getsymphony Symphony 2.0.6
Getsymphony Symphony 2.0.7
Getsymphony Symphony 2.0
Getsymphony Symphony 2.0.3
Getsymphony Symphony
Getsymphony Symphony 2.3
Getsymphony Symphony 2.1.0
Getsymphony Symphony 2.1.1
1 EDB exploit
NA
CVE-2013-7346
Cross-site request forgery (CSRF) vulnerability in Symphony CMS prior to 2.3.2 allows remote malicious users to hijack the authentication of administrators for requests that conduct SQL injection attacks via the sort parameter to system/authors/, related to CVE-2013-2559.
Getsymphony Symphony
Getsymphony Symphony 2.0.7
Getsymphony Symphony 2.1.1
Getsymphony Symphony 2.0
Getsymphony Symphony 2.0.3
Getsymphony Symphony 2.0.4
Getsymphony Symphony 2.0.5
Getsymphony Symphony 2.3
Getsymphony Symphony 2.0.6
Getsymphony Symphony 2.1.0
1 EDB exploit
NA
CVE-2010-3457
Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.0.7 and 2.1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) fields[website] parameter in the post comments feature in articles/a-primer-to-symphony-2s-default-theme/ or (2) sen...
Getsymphony Symphony 2.1.1
Getsymphony Symphony 2.0.7
1 EDB exploit
NA
CVE-2010-3458
SQL injection vulnerability in lib/toolkit/events/event.section.php in Symphony CMS 2.0.7 and 2.1.1 allows remote malicious users to execute arbitrary SQL commands via the send-email[recipient] parameter to about/. NOTE: some of these details are obtained from third party informa...
Getsymphony Symphony 2.0.7
Getsymphony Symphony 2.1.1
1 EDB exploit
NA
CVE-2010-2143
Directory traversal vulnerability in index.php in Symphony CMS 2.0.7 allows remote malicious users to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the mode parameter.
Getsymphony Symphony 2.0.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started