Lucene search
+L

11 matches found

OpenVAS
OpenVAS
added 2018/11/20 12:0 a.m.28 views

Sensiolabs Symfony 2.8.x < 2.8.37, 3.3.x < 3.3.17, 3.4.x < 3.4.7 and 4.0.x < 4.0.7 Authentication Bypass Vulnerability

This host runs Symfony and is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

9.8CVSS9.7AI score0.02345EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/08/06 12:0 a.m.15 views

Sensiolabs Symfony End of Life (EOL) Detection

Sensiolabs Symfony on the remote host has reached the End of Life EOL and should not be used anymore. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.4AI score
Exploits0References1
OpenVAS
OpenVAS
added 2018/08/06 12:0 a.m.62 views

Sensiolabs Symfony <= 2.7.48, 2.8.* <= 2.8.43, 3.* <= 3.3.17, 3.4.* <= 3.4.13, 4.0.* <= 4.0.13 and 4.1.* <= 4.1.2 Multiple Vulnerabilities

This host runs Symfony and is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

7.2CVSS6.6AI score0.58061EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/06/26 12:0 a.m.28 views

Sensiolabs Symfony Detection Consolidation

Consolidation of Sensiolabs Symfony detections. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2018/06/26 12:0 a.m.31 views

Sensiolabs Symfony Detection (Linux/Unix SSH Login)

SSH login-based detection of a Sensiolabs Symfony. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2018/06/26 12:0 a.m.45 views

Sensiolabs Symfony Detection (HTTP)

HTTP based detection of Sensiolabs Symfony. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4AI score
Exploits0
Debian CVE
Debian CVE
added 2018/06/13 10:0 p.m.61 views

CVE-2018-12040

Reflected Cross-site scripting XSS vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the "file" parameter, aka an profiler/open?file= URI. NOTE: The vendor states "The XSS ... is in the web profiler, a tool that should...

6.1CVSS6AI score0.01315EPSS
Exploits2
Cvelist
Cvelist
added 2018/06/13 10:0 p.m.28 views

CVE-2018-12040

Reflected Cross-site scripting XSS vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the "file" parameter, aka an profiler/open?file= URI. NOTE: The vendor states "The XSS ... is in the web profiler, a tool that should...

6AI score0.01315EPSS
Exploits2References2
UbuntuCve
UbuntuCve
added 2012/06/07 7:55 p.m.18 views

CVE-2012-2667

Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified "database backed session classes."...

4.3CVSS5.9AI score0.01349EPSS
Exploits0References9
Prion
Prion
added 2012/06/07 7:55 p.m.13 views

Session fixation

Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified "database backed session classes."...

4.3CVSS7AI score0.01349EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2012/06/07 7:0 p.m.22 views

CVE-2012-2667

Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified "database backed session classes."...

6.3AI score0.01349EPSS
Exploits0References7
Rows per page
Query Builder