CVE-2023-46788

Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter in the 'uploadphoto' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database...

PT-2023-30216 · Unknown · Online Matrimonial Project

Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns unauthenticated SQL Injection vulnerabilities. Specifically, the id parameter in the uploadphoto function of the functions.php resource does not validate the characters...

Synology Photo Station Path Traversal Vulnerability

Synology Photo Station is a solution for sharing pictures, videos and blogs over the Internet from Synology Inc. of Taiwan, China. A path traversal vulnerability exists in SYNO.PhotoStation.File in Synology Photo Station versions prior to 6.8.11-3489 and prior to 6.3-2977. A remote attacker can...

CVE-2019-11822

Relative path traversal vulnerability in SYNO.PhotoStation.File in Synology Photo Station before 6.8.11-3489 and before 6.3-2977 allows remote attackers to upload arbitrary files via the uploadphoto parameter...

CVE-2019-11822

Synology Photo Station contains a relative path traversal in SYNO.PhotoStation.File that lets remote attackers upload arbitrary files via the uploadphoto parameter. Affected versions are Synology Photo Station prior to 6.8.11-3489 and prior to 6.3-2977. The root cause is a path traversal vulnerab...

PT-2019-12509 · Synology · Synology Photo Station

Name of the Vulnerable Software and Affected Versions: Synology Photo Station versions prior to 6.8.11-3489 Synology Photo Station versions prior to 6.3-2977 Description: The issue allows remote attackers to upload arbitrary files via the uploadphoto parameter, due to a relative path traversal...