RSS   Vulnerabilities for 'File station'   RSS

2019-04-01
 
CVE-2018-13288

CWE-200
 

 
Information exposure vulnerability in SYNO.FolderSharing.List in Synology File Station before 1.2.3-0252 and before 1.1.5-0125 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter.

 
2018-06-05
 
CVE-2018-8923

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology File Station before 1.1.4-0122 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.

 
2017-12-08
 
CVE-2017-15893

CWE-22
 

 
Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology File Station before 1.1.1-0099 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.

 

 >>> Vendor: Synology 42 Products
Directory server
Office
Media server
Calendar
DSM
Diskstation manager
Photo station
Synology photo station
Ds photo+
Ds file
Ds audio
Cloud station
Download station
Video station
Note station
Audio station
CHAT
Photo station uploader
Assistant
Dns server
Router manager
Cloud station backup
Cloud station drive
Skynas
Virtual diskstation manager
Vs960hd firmware
Drive
File station
Ds107 firmware
Ds116 firmware
Ds213 firmware
Vs960hd
Mailplus server
Ssl vpn client
Moments
Application service
Carddav server
Universal search
Surveillance station
Safeaccess
Diskstation manager unified controller
Mail station


Copyright 2024, cxsecurity.com

 

Back to Top