Filtered by vendor Synametrics Subscriptions
Filtered by product Synaman Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-26251 1 Synametrics 1 Synaman 2024-11-21 7.2 High
The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.
CVE-2022-26250 1 Synametrics 1 Synaman 2024-11-21 7.8 High
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges.
CVE-2022-22828 1 Synametrics 1 Synaman 2024-11-21 7.5 High
An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.
CVE-2018-10814 1 Synametrics 1 Synaman 2024-11-21 N/A
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials.
CVE-2018-10763 1 Synametrics 1 Synaman 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page.
CVE-2015-3140 1 Synametrics 3 Synaman, Syncrify, Syntail 2024-11-21 8.8 High
Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567