Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Synaman
(Synametrics)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-01-27 | CVE-2022-22828 | An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string. | Synaman | 7.5 | ||
| 2022-04-06 | CVE-2022-26250 | Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges. | Synaman | 7.8 | ||
| 2022-04-06 | CVE-2022-26251 | The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges. | Synaman | 7.2 | ||
| 2019-11-21 | CVE-2015-3140 | Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567 | Synaman, Syncrify, Syntail | N/A | ||
| 2018-09-14 | CVE-2018-10814 | Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials. | Synaman | 7.8 | ||
| 2018-09-14 | CVE-2018-10763 | Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page. | Synaman | 4.8 |