Page 4 of 16 results (0.001 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field. Vulnerabilidad de archivos o directorios accesibles para terceros en picasa.php en Synology Photo Station en versiones anteriores a la 6.8.1-3458 y a la 6.3-2970 permite que atacantes remotos obtengan archivos arbitrarios mediante el campo prog_id. • https://www.synology.com/en-global/support/security/Synology_SA_17_63_Photo_Station • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-552: Files or Directories Accessible to External Parties •