Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology photo station vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-10329
Command injection vulnerability in login.php in Synology Photo Station prior to 6.5.3-3226 allows remote malicious users to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For' header.
Synology Photo Station
8.8
CVSSv3
CVE-2016-10322
Synology Photo Station prior to 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php.
Synology Photo Station
7.8
CVSSv3
CVE-2016-10323
Synology Photo Station prior to 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command.
Synology Photo Station
NA
CVE-2015-4656
Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station prior to 6.3-2945 allow remote malicious users to inject arbitrary web script or HTML via the (1) success parameter to login.php or (2) crafted URL parameters to index.php, as demonstrated by the t para...
Synology Photo Station
NA
CVE-2012-1556
Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 for DiskStation Manager (DSM) 3.2-1955 allows remote malicious users to inject arbitrary web script or HTML via the name parameter to photo/photo_one.php.
Synology Diskstation Manager 3.2-1955
Synology Synology Photo Station 5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4