Symfonia Ready Local File Inclusion Vulnerability

Vulnerability

A local file inclusion vulnerability has been identified in the attachment upload panel of Symfonia Ready_ software, specifically in versions 7.0.0.0 through 7.19.39.23. This vulnerability allows low-privileged users to provide links to local files using the file:// protocol, enabling them to read the contents of those files. Exploitation of this vulnerability could lead to unauthorized access to sensitive system files.

Impact

Exploitation of this vulnerability allows for local file inclusion, with the potential to read sensitive system files on the server.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.3

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.3

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Symfonia Ready Local File Inclusion Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating