8 matches found
CVE-2022-36533
Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain a cross-site scripting XSS vulnerability...
CVE-2022-36536
An issue in the component postapplogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privileges via creating crafted session tokens...
Cross site scripting
Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain a cross-site scripting XSS vulnerability...
Design/Logic Flaw
An issue in the component postapplogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privileges via creating crafted session tokens...
CVE-2022-36536
CVE-2022-36536 affects Syncovery for Linux (Super Flexible Software) in the post_applogin.php component. Multiple sources (NVD, Red Hat, CVE lists) describe an insecure session token generation that enables privilege escalation via crafted tokens in v9.47x and earlier. The published CVSS 3.1 base...
CVE-2022-36536
An issue in the component postapplogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privileges via creating crafted session tokens...
CVE-2022-36533
Syncovery for Linux (Super Flexible Software Syncovery, v9.47x and earlier) is affected by an XSS vulnerability caused by missing output encoding on error and status pages, enabling Reflective XSS via a crafted link. Public descriptions confirm exploitable behavior and versions affected up to at ...
CVE-2022-36533
Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain a cross-site scripting XSS vulnerability...