2 matches found
CVE-2018-13299
Relative path traversal vulnerability in Attachment Uploader in Synology Calendar before 2.2.2-0532 allows remote authenticated users to upload arbitrary files via the filename parameter...
CVE-2018-13299
CVE-2018-13299 affects Synology Calendar’s Attachment Uploader. A relative path traversal vulnerability in versions before 2.2.2-0532 allows remote authenticated users to upload arbitrary files via the filename parameter. The issue arises from how the filename is processed, enabling access to loc...