CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Synology: >> Photo Station >> 6.8.2-3461 Security Vulnerabilities

CVE-2017-16771

Cross-site scripting (XSS) vulnerability in Log Viewer in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote attackers to inject arbitrary web script or HTML via the username parameter.

CVSS Score

6.1

EPSS Score

0.003

Published

2018-03-22

CVE-2017-16772

Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary codes via the prog_id parameter.

CVSS Score

8.8

EPSS Score

0.014

Published

2018-03-22

Page 2

Vulnerabilities

Vulnerable Software

Synology: >> Photo Station >> 6.8.2-3461 Security Vulnerabilities

Products

Pricing

Contact Us