CVE-2010-3458

2010-09-17T16:00:02
ID CVE-2010-3458
Type cve
Reporter NVD
Modified 2017-08-16T21:32:58

Description

SQL injection vulnerability in lib/toolkit/events/event.section.php in Symphony CMS 2.0.7 and 2.1.1 allows remote attackers to execute arbitrary SQL commands via the send-email[recipient] parameter to about/. NOTE: some of these details are obtained from third party information.