Photo Station
Sign in to watchby Synology
CVEs (13)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-11153 | Cri | 0.68 | 9.8 | 0.15 | Aug 8, 2017 | Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to gain administrator privileges via a crafted serialized payload. | |
| CVE-2017-11151 | Cri | 0.68 | 9.8 | 0.15 | Aug 8, 2017 | A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logo_upload action. | |
| CVE-2017-11161 | Cri | 0.64 | 9.8 | 0.01 | Sep 8, 2017 | Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to label.php; or (2) type parameter to synotheme.php. | |
| CVE-2016-10322 | Hig | 0.57 | 8.8 | 0.03 | Apr 10, 2017 | Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php. | |
| CVE-2017-11155 | Hig | 0.54 | 7.5 | 0.29 | Aug 8, 2017 | An information exposure vulnerability in index.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to obtain sensitive system information via unspecified vectors. | |
| CVE-2017-11152 | Hig | 0.53 | 7.5 | 0.14 | Aug 8, 2017 | Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to write arbitrary files via the path parameter. | |
| CVE-2017-9552 | Hig | 0.51 | 7.8 | 0.00 | Jun 13, 2017 | A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME PASSWORD", and local users are able to obtain credentials by sniffing "/proc/*/cmdline". | |
| CVE-2016-10323 | Hig | 0.51 | 7.8 | 0.00 | Apr 10, 2017 | Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command. | |
| CVE-2017-11154 | Hig | 0.50 | 7.2 | 0.07 | Aug 8, 2017 | Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter. | |
| CVE-2017-12071 | Med | 0.42 | 6.5 | 0.00 | Sep 8, 2017 | Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via the url parameter. | |
| CVE-2017-11162 | Med | 0.42 | 6.5 | 0.00 | Sep 8, 2017 | Directory traversal vulnerability in synphotoio in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to read arbitrary files via unspecified vectors. | |
| CVE-2017-9555 | Med | 0.35 | 5.4 | 0.00 | Aug 24, 2017 | Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.0-3414 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | |
| CVE-2015-4656 | 0.00 | — | 0.00 | Jun 18, 2015 | Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station before 6.3-2945 allow remote attackers to inject arbitrary web script or HTML via the (1) success parameter to login.php or (2) crafted URL parameters to index.php, as demonstrated by the t parameter to photo/. |