Unrated severityNVD Advisory· Published Sep 17, 2010· Updated Jun 16, 2026
CVE-2010-3458
CVE-2010-3458
Description
SQL injection vulnerability in lib/toolkit/events/event.section.php in Symphony CMS 2.0.7 and 2.1.1 allows remote attackers to execute arbitrary SQL commands via the send-email[recipient] parameter to about/. NOTE: some of these details are obtained from third party information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:getsymphony:symphony:2.0.7:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:getsymphony:symphony:2.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:getsymphony:symphony:2.1.1:*:*:*:*:*:*:*
- Range: = 2.0.7, = 2.1.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.