Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/01 12:0 a.m.15 views

Synology DiskStation Manager Cross-site Scripting (CVE-2018-8917)

Cross-site scripting XSS vulnerability in info.cgi in Synology DiskStation Manager DSM before 6.1.6-15266 allows remote attackers to inject arbitrary web script or HTML via the host parameter. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mor...

6.5CVSS6.2AI score0.00803EPSS
Exploits0References2
CNVD
CNVD
added 2018/12/25 12:0 a.m.2 views

Synology DiskStation Manager Information Disclosure Vulnerability (CNVD-2019-03278)

Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology. The operating system manages information such as data, files, photos, music, and more. An information disclosure vulnerability exists in SYNO.Core.Desktop.SessionData in Synology DSM...

9.8CVSS6.4AI score0.01443EPSS
Exploits0References1
OSV
OSV
added 2018/12/24 3:29 p.m.5 views

CVE-2018-8917

Cross-site scripting XSS vulnerability in info.cgi in Synology DiskStation Manager DSM before 6.1.6-15266 allows remote attackers to inject arbitrary web script or HTML via the host parameter...

5.4CVSS5.9AI score0.00803EPSS
Exploits0References1
CVE
CVE
added 2018/12/24 3:0 p.m.54 views

CVE-2018-8920

CVE-2018-8920 affects Synology DiskStation Manager (DSM) prior to 6.1.6-15266, via the Log Exporter. The root cause is improper neutralization of escape characters when exporting an archive in CSV format, enabling remote attackers to inject arbitrary content with an unspecified impact. The vulner...

7.2CVSS7AI score0.01027EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2018/12/24 12:0 a.m.4 views

PT-2018-18718 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.1.6-15266 Description: The issue is related to improper neutralization of escape in the Log Exporter component, allowing remote attackers to inject arbitrary content when exporting an archi...

7.2CVSS7.3AI score0.01027EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2018/12/24 12:0 a.m.6 views

PT-2018-18717 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.1.6-15266 Description: The issue allows remote attackers to steal credentials. Recommendations: For versions prior to 6.1.6-15266, update to version 6.1.6-15266 or later to resolve the issu...

9.8CVSS7.3AI score0.01443EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2018/12/24 12:0 a.m.5 views

PT-2018-18715 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.1.6-15266 Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the host parameter in the info.cgi...

6.5CVSS6.1AI score0.00803EPSS
Exploits0References3
Rows per page
Query Builder