5 matches found
EUVD-2022-2557
Malicious code in bioql PyPI...
CVE-2015-2308
Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element...
CVE-2015-2308
Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element...
CVE-2015-2308
Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element...
CVE-2015-2308
Symfony 2.x vulnerable to PHP code execution via HTTP cache HttpCache Eval injection. Affected: HttpKernel HttpCache class when ESI is enabled. Root cause: language="php" attribute in SCRIPT elements not escaped before eval(). Affected versions: Symfony 2.0.x–2.6.x with fixes in 2.3.27, 2.5.11, a...