Lucene search

Photo Station Security Vulnerabilities

cve

CVE-2016-10331

Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id...

7.5CVSS

7.4AI Score

0.004EPSS

2017-05-12 08:29 PM

cve

CVE-2016-10330

Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 6.5.3-3226 allows local users to write to arbitrary files via unspecified...

7.1CVSS

6.7AI Score

0.0004EPSS

2017-05-12 08:29 PM

cve

CVE-2015-4656

Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station before 6.3-2945 allow remote attackers to inject arbitrary web script or HTML via the (1) success parameter to login.php or (2) crafted URL parameters to index.php, as demonstrated by the t parameter to...

5.9AI Score

0.003EPSS

2015-06-18 06:59 PM

cve

CVE-2012-1556

Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 for DiskStation Manager (DSM) 3.2-1955 allows remote attackers to inject arbitrary web script or HTML via the name parameter to...

5.9AI Score

0.003EPSS

2014-09-12 02:55 PM

cve

CVE-2013-5760

QNAP Photo Station before firmware 4.0.3 build0912 allows remote attackers to list OS user accounts via a request to...

6.9AI Score

0.004EPSS

2014-06-09 07:55 PM

Total number of security vulnerabilities55