Lucene search

Synaman Security Vulnerabilities

cve

CVE-2022-26250

Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate...

7.8CVSS

7.7AI Score

0.001EPSS

2022-04-06 01:15 AM

cve

CVE-2022-26251

The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate...

7.2CVSS

7.4AI Score

0.004EPSS

2022-04-06 01:15 AM

cve

CVE-2022-22828

An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename...

7.5CVSS

7.4AI Score

0.004EPSS

2022-01-27 06:15 AM

cve

CVE-2015-3140

Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build...

8.8CVSS

8.8AI Score

0.004EPSS

2019-11-21 10:15 PM

cve

CVE-2018-10763

Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration...

4.8CVSS

5AI Score

0.001EPSS

2018-09-14 09:29 PM

cve

CVE-2018-10814

Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP...

7.8CVSS

7.7AI Score

0.001EPSS

2018-09-14 09:29 PM