Total
33 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-9552 | 1 Synology | 1 Photo Station | 2023-12-10 | 2.1 LOW | 7.8 HIGH |
A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME PASSWORD", and local users are able to obtain credentials by sniffing "/proc/*/cmdline". | |||||
CVE-2017-9555 | 1 Synology | 1 Photo Station | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.0-3414 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | |||||
CVE-2017-11161 | 1 Synology | 1 Photo Station | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to label.php; or (2) type parameter to synotheme.php. | |||||
CVE-2017-12079 | 1 Synology | 1 Photo Station | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field. | |||||
CVE-2017-12071 | 1 Synology | 1 Photo Station | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via the url parameter. | |||||
CVE-2017-11153 | 1 Synology | 1 Photo Station | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to gain administrator privileges via a crafted serialized payload. | |||||
CVE-2017-11154 | 1 Synology | 1 Photo Station | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter. | |||||
CVE-2016-10330 | 1 Synology | 1 Photo Station | 2023-12-10 | 4.6 MEDIUM | 7.1 HIGH |
Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 6.5.3-3226 allows local users to write to arbitrary files via unspecified vectors. | |||||
CVE-2016-10323 | 1 Synology | 1 Photo Station | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command. | |||||
CVE-2016-10322 | 1 Synology | 1 Photo Station | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php. | |||||
CVE-2016-10329 | 1 Synology | 1 Photo Station | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For' header. | |||||
CVE-2016-10331 | 1 Synology | 1 Photo Station | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter. | |||||
CVE-2015-4656 | 1 Synology | 1 Photo Station | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station before 6.3-2945 allow remote attackers to inject arbitrary web script or HTML via the (1) success parameter to login.php or (2) crafted URL parameters to index.php, as demonstrated by the t parameter to photo/. |