3 matches found
CVE-2018-8925
Cross-site request forgery CSRF vulnerability in admin/user.php in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote attackers to hijack the authentication of administrators via the 1 username, 2 password, 3 admin, 4 action, 5 uid, or 6 modifyadmin parameter...
CVE-2018-8925
Synology Photo Station is affected by a CSRF in admin/user.php. The vulnerability exists in versions prior to 6.8.5-3471 and prior to 6.3-2975, allowing remote attackers to hijack administrator authentication via several parameters (username, password, admin, action, uid, modify_admin). The issue...
CVE-2018-8925
Cross-site request forgery CSRF vulnerability in admin/user.php in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote attackers to hijack the authentication of administrators via the 1 username, 2 password, 3 admin, 4 action, 5 uid, or 6 modifyadmin parameter...