Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
photo station vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-47561
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 20...
Qnap Photo Station
NA
CVE-2023-47562
An OS command injection vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15 )...
Qnap Photo Station
383
VMScore
CVE-2018-19954
The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. If exploited, the vulnerability could allow remote malicious users to inject malicious code. This issue affects: QNAP Systems Inc. Photo Station versions before 5.7.11; versions ...
Qnap Photo Station
383
VMScore
CVE-2018-19955
The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. If exploited, the vulnerability could allow remote malicious users to inject malicious code. This issue affects: QNAP Systems Inc. Photo Station versions before 5.7.11; versions ...
Qnap Photo Station
383
VMScore
CVE-2018-19956
The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. If exploited, the vulnerability could allow remote malicious users to inject malicious code. This issue affects: QNAP Systems Inc. Photo Station versions before 5.7.11; versions ...
Qnap Photo Station
356
VMScore
CVE-2017-12071
Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station prior to 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via the url parameter.
Synology Photo Station
312
VMScore
CVE-2017-9555
Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station prior to 6.7.0-3414 allows remote malicious users to inject arbitrary web script or HTML via the image parameter.
Synology Photo Station
605
VMScore
CVE-2018-13282
Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology Photo Station prior to 6.8.7-3481 allows remote malicious users to hijack web sessions via the PHPSESSID parameter.
Synology Photo Station
578
VMScore
CVE-2017-16772
Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station prior to 6.8.3-3463 and prior to 6.3-2971 allows remote authenticated users to execute arbitrary codes via the prog_id parameter.
Synology Photo Station
801
VMScore
CVE-2021-29090
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in PHP component in Synology Photo Station prior to 6.8.14-3500 allows remote authenticated users to execute arbitrary SQL command via unspecified vectors.
Synology Photo Station
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »