{"id":"CVE-2017-5541","details":"Directory traversal vulnerability in template/usererror.missing_extension.php in Symphony CMS before 2.6.10 allows remote attackers to rename arbitrary files via a .. (dot dot) in the existing-folder and new-folder parameters.","modified":"2026-04-10T04:01:41.949673Z","published":"2017-01-20T08:59:00.470Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/95689"},{"type":"ADVISORY","url":"https://github.com/symphonycms/symphony-2/issues/2639"},{"type":"ADVISORY","url":"https://github.com/symphonycms/symphony-2/releases/tag/2.6.10"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/symphonycms/symphonycms","events":[{"introduced":"0"},{"last_affected":"aa8fcd2deabce0b338f42ba1109117b075f20247"},{"fixed":"96e919cb17f983e998e098e498fa230fa3344e34"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.6.9"}]}}],"versions":["2.0","2.0.1","2.0.2","2.0.4","2.0.7","2.0.7RC1","2.0.7RC2","2.0.7beta","2.1.2","2.2","2.2.2","2.2.3","2.2.4","2.2.5","2.3","2.3.1","2.3.1RC1","2.3.1RC2","2.3.1RC3","2.3.1beta1","2.3.1beta2","2.3.2","2.3.2RC1","2.3.2RC2","2.3.2beta1","2.3.2beta2","2.3.3","2.3.3RC1","2.3.3RC2","2.3.3RC3","2.3.3beta1","2.3.3beta2","2.3.3beta3","2.3.4","2.3.4RC1","2.3.4beta1","2.3.4beta2","2.3.5","2.3.5RC1","2.3.5beta1","2.3.6","2.3RC2","2.3RC3","2.3RC4","2.3beta1","2.3beta2","2.3beta3","2.4","2.4RC1","2.4RC2","2.4beta1","2.4beta3","2.5.0","2.5.1","2.5.2","2.5.2-beta.1","2.5.2-rc.1","2.6.0","2.6.0-beta.1","2.6.0-beta.2","2.6.0-rc.1","2.6.1","2.6.2","2.6.3","2.6.4","2.6.5","2.6.6","2.6.7","2.6.8","2.6.9","rev5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-5541.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}]}