Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.13 views

PT-2026-44141

Name of the Vulnerable Software and Affected Versions Symfony affected versions not specified Description The profiler, a debug UI used only during development, renders source-code excerpts using the file excerpt filter. While PHP files are rendered via highlight string to escape HTML, non-PHP...

2CVSS6.2AI score0.00062EPSS
Exploits0References17
Snyk
Snyk
added 2026/05/20 3:35 p.m.11 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the CodeExtension::fileExcerpt function in WebProfiler. An attacker can execute arbitrary JavaScript code in the context of affected users by sending a specially crafted non-PHP files with \n that avoids HTM...

5.4CVSS5.8AI score0.00062EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/20 3:35 p.m.11 views

Cross-site Scripting (XSS)

Overview symfony/symfony is a PHP framework for web applications and a set of reusable PHP components. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the CodeExtension::fileExcerpt function in WebProfiler. An attacker can execute arbitrary JavaScript code in the...

5.4CVSS5.8AI score0.00062EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-0539

Malware in sbrugna...

5CVSS6.1AI score0.02521EPSS
Exploits0References4
OSV
OSV
added 2007/01/29 5:28 p.m.11 views

CVE-2007-0541

WordPress allows remote attackers to determine the existence of arbitrary files, and possibly read portions of certain files, via pingback service calls with a source URI that corresponds to a local pathname, which triggers different fault codes for existing and non-existing files, and in certain...

6.5AI score
Exploits0References3
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.11 views

CVE-2026-45072: Stored XSS in WebProfiler CodeExtension::fileExcerpt(): Unescaped Non-PHP File Rendering

More info at https://symfony.com/cve-2026-45072...

2CVSS5.8AI score0.00062EPSS
Exploits0Affected Software1
Rows per page
Query Builder