Synology Photo Station Cross-Site Scripting Vulnerability (CNVD-2018-01382)

Synology Photo Station is a Synology solution for sharing pictures, videos and blogs over the Internet. A cross-site scripting vulnerability exists in the PixlrEditorHandler.php file in Synology Photo Station versions prior to 6.8.0-3456. A remote attacker can exploit the vulnerability to inject...

CVE-2017-12072

Cross-site scripting XSS vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.8.0-3456 allows remote authenticated users to inject arbitrary web scripts or HTML via the id parameter...

Synology Photo Station Cross-Site Scripting Vulnerability (CNVD-2017-24391)

Synology Photo Station is a Synology solution for sharing pictures, videos and blogs over the Internet. A cross-site scripting vulnerability exists in the PixlrEditorHandler.php file in Synology Photo Station versions prior to 6.7.0-3414. A remote attacker can exploit the vulnerability to inject...

CVE-2017-11152

Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to write arbitrary files via the path parameter...