Improper neutralization of special elements used in an SQL command (‘SQL Injection’) vulnerability in thumbnail component in Synology Photo Station before 6.8.14-3500 allows remote attackers users to execute arbitrary SQL commands via unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
photo_station | ge | 6.8 | |
photo_station | lt | 6.8.14 |