RSS   Podatności dla 'Synaman'   RSS

2022-04-06
 
CVE-2022-26250

CWE-732
 

 
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges.

 
 
CVE-2022-26251

CWE-269
 

 
The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.

 
2022-01-27
 
CVE-2022-22828

CWE-639
 

 
An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.

 
2019-11-21
 
CVE-2015-3140

CWE-352
 

 
Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567

 
2018-09-14
 
CVE-2018-10814

CWE-522
 

 
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials.

 
 
CVE-2018-10763

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page.

 

 >>> Vendor: Synametrics 4 Produkty
Xeams
Synaman
Syncrify
Syntail


Copyright 2024, cxsecurity.com

 

Back to Top