Back to search
CVE-2017-7694
Published: Apr 11, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
Remote Code Execution vulnerability in symphony/content/content.blueprintsdatasources.php in Symphony CMS through 2.6.11 allows remote attackers to execute code and get a webshell from the back-end. The attacker must be authenticated and enter PHP code in the datasource editor or event editor.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/symphonycms/symphony-2/issues/2655
x_refsource_MISC
97594
vdb-entry
x_refsource_BID
http://www.math1as.com/symphonycms_2.7_exec.txt
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now