2 matches found
SQL Injection
Overview symfony/symfony is a PHP framework for web applications and a set of reusable PHP components. Affected versions of this package are vulnerable to SQL Injection via PdoAdapter::doClear method. An attacker can influence SQL query to expand deletion scope or perform arbitrary actions by...
Authentication Bypass
Overview symfony/symfony is a PHP framework for web applications and a set of reusable PHP components. Affected versions of this package are vulnerable to Authentication Bypass via the consumeRememberMeCookie function due to improper validation between the username persisted in the database and t...