Synaman Security Vulnerabilities and Issues — Synaman CVE List

Lucene search

SynametricsSynaman

6 matches found

CVE•added 2022/04/06 1:15 a.m.•67 views

CVE-2022-26250

Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges.

7.8CVSS7.7AI score0.00043EPSS

CVE•added 2022/04/06 1:15 a.m.•63 views

CVE-2022-26251

The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.

9CVSS7.4AI score0.01476EPSS

CVE•added 2019/11/21 10:15 p.m.•57 views

CVE-2015-3140

Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567

8.8CVSS8.8AI score0.00166EPSS

CVE•added 2018/09/14 9:29 p.m.•52 views

CVE-2018-10763

Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page.

4.8CVSS5AI score0.00229EPSS

CVE•added 2018/09/14 9:29 p.m.•52 views

CVE-2018-10814

Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials.

7.8CVSS7.7AI score0.00196EPSS

CVE•added 2022/01/27 6:15 a.m.•43 views

CVE-2022-22828

An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.

7.5CVSS7.4AI score0.00737EPSS