Vulnerabilities (CVE)

Filtered by vendor Synology Subscribe
Filtered by product File Station
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-8923 1 Synology 1 File Station 2024-11-21 3.5 LOW 6.5 MEDIUM
Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology File Station before 1.1.4-0122 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.
CVE-2018-13288 1 Synology 1 File Station 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Information exposure vulnerability in SYNO.FolderSharing.List in Synology File Station before 1.2.3-0252 and before 1.1.5-0125 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter.
CVE-2017-15893 1 Synology 1 File Station 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology File Station before 1.1.1-0099 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.