Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-26250 | 1 Synametrics | 1 Synaman | 2022-04-13 | 4.6 MEDIUM | 7.8 HIGH |
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges. | |||||
CVE-2022-26251 | 1 Synametrics | 1 Synaman | 2022-04-13 | 9.0 HIGH | 7.2 HIGH |
The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges. | |||||
CVE-2022-22828 | 1 Synametrics | 1 Synaman | 2022-02-02 | 5.0 MEDIUM | 7.5 HIGH |
An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string. | |||||
CVE-2015-3140 | 1 Synametrics | 3 Synaman, Syncrify, Syntail | 2019-12-04 | 6.8 MEDIUM | 8.8 HIGH |
Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567 | |||||
CVE-2018-10814 | 1 Synametrics | 1 Synaman | 2019-10-02 | 2.1 LOW | 7.8 HIGH |
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials. | |||||
CVE-2018-10763 | 1 Synametrics | 1 Synaman | 2018-11-09 | 3.5 LOW | 4.8 MEDIUM |
Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page. |