3 matches found
CVE-2021-29090
Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in PHP component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to execute arbitrary SQL command via unspecified vectors...
CVE-2021-29090
The CVE-2021-29090 entry describes an SQL injection vulnerability in Synology Photo Station’s PHP component, where improper neutralization of input enables arbitrary SQL execution. Affected product: Synology Photo Station (before version 6.8.14-3500). Attack scenario requires remote authenticated...
CVE-2021-29090
Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in PHP component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to execute arbitrary SQL command via unspecified vectors...