Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Symphony Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2018-10469

b3log Symphony (aka Sym) 2.6.0 allows remote attackers to upload and execute arbitrary JSP files via the name[] parameter to the /upload URI.

9.8CVSS

9.6AI Score

0.011EPSS

2018-04-27 04:29 AM
29
cve
cve

CVE-2024-23049

An issue in symphony v.3.6.3 and before allows a remote attacker to execute arbitrary code via the log4j component.

9.8CVSS

9.6AI Score

0.004EPSS

2024-02-05 11:15 PM
134