VYPR
Vendor

Synametrics

Products
4
CVEs
7
Across products
9
Status
Private

Products

4

Recent CVEs

7
  • CVE-2015-3140HigNov 21, 2019
    risk 0.60cvss 8.8epss 0.01

    Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567

  • CVE-2018-10814HigSep 14, 2018
    risk 0.54cvss 7.8epss 0.01

    Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials.

  • CVE-2022-22828HigJan 27, 2022
    risk 0.49cvss 7.5epss 0.02

    An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.

  • CVE-2022-26251HigApr 6, 2022
    risk 0.47cvss 7.2epss 0.02

    The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.

  • CVE-2018-10763MedSep 14, 2018
    risk 0.34cvss 4.8epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page.

  • CVE-2015-3141May 20, 2015
    risk 0.03cvss epss 0.02

    Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies Xeams 4.5 Build 5755 and earlier allow remote attackers to hijack the authentication of administrators for requests that create an (1) SMTP domain or a (2) user via a request to…

  • CVE-2012-2569Jun 19, 2014
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in Synametrics Technologies Xeams 4.4 Build 5720 allows remote attackers to inject arbitrary web script or HTML via the body of an email.