VYPR
Unrated severityNVD Advisory· Published Sep 17, 2010· Updated Jun 16, 2026

CVE-2010-3458

CVE-2010-3458

Description

SQL injection vulnerability in lib/toolkit/events/event.section.php in Symphony CMS 2.0.7 and 2.1.1 allows remote attackers to execute arbitrary SQL commands via the send-email[recipient] parameter to about/. NOTE: some of these details are obtained from third party information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:getsymphony:symphony:2.0.7:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:getsymphony:symphony:2.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:getsymphony:symphony:2.1.1:*:*:*:*:*:*:*
  • Getsymphony/CMSllm-create
    Range: = 2.0.7, = 2.1.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.