← volver
CVE-2017-7694

CVE-2017-7694

EPSS 4.4%
Remote Code Execution vulnerability in symphony/content/content.blueprintsdatasources.php in Symphony CMS through 2.6.11 allows remote attackers to execute code and get a webshell from the back-end. The attacker must be authenticated and enter PHP code in the datasource editor or event editor.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/symphonycms/symphony-2/commit/e30a18f8f09dca836e141bf126a26e565c9a2bc7https://github.com/symphonycms/symphony-2/issues/2655http://www.math1as.com/symphonycms_2.7_exec.txthttp://www.securityfocus.com/bid/97594