Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Synametrics Subscribe
Filtered by product Synaman
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-26251 1 Synametrics 1 Synaman 2024-02-04 9.0 HIGH 7.2 HIGH
The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.
CVE-2022-26250 1 Synametrics 1 Synaman 2024-02-04 4.6 MEDIUM 7.8 HIGH
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges.
CVE-2022-22828 1 Synametrics 1 Synaman 2024-02-04 5.0 MEDIUM 7.5 HIGH
An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.
CVE-2015-3140 1 Synametrics 3 Synaman, Syncrify, Syntail 2024-02-04 6.8 MEDIUM 8.8 HIGH
Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567
CVE-2018-10763 1 Synametrics 1 Synaman 2024-02-04 3.5 LOW 4.8 MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page.
CVE-2018-10814 1 Synametrics 1 Synaman 2024-02-04 2.1 LOW 7.8 HIGH
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials.