5 matches found
CVE-2022-22828
An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string...
CVE-2022-22828
creationtimestamp| type| source ---|---|--- 2022-01-27 12:20:28+00:00| seen| https://t.me/cibsecurity/36367 2022-01-29 03:29:45+00:00| published-proof-of-concept| https://t.me/intelexch/7698...
CVE-2022-22828
An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string...
CVE-2022-22828
Synametrics SynaMan prior to version 5.0 is affected by CVE-2022-22828 due to an insecure direct object reference in the file-download URL. An attacker can access unshared files by modifying the base64-encoded filename string, enabling remote file disclosure. The vulnerability is exposed via the ...
CVE-2022-22828
An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string...