NotCVE - vendor:"Syncovery" product:"Syncovery" version:" >= 8.00

3 results (0.006 seconds)

CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 1

CVE-2022-36536 – Syncovery For Linux Web-GUI Session Token Brute-Forcer

https://notcve.org/view.php?id=CVE-2022-36536

An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privileges via creating crafted session tokens. Un problema en el componente post_applogin.php de Super Flexible Software GmbH & Co. KG Syncovery 9 para Linux versiones v9.47x y anteriores, permite a atacantes escalar privilegios por medio de la creación de tokens de sesión diseñados • http://super.com http://syncovery.com https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux • CWE-330: Use of Insufficiently Random Values •

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1

CVE-2022-36533

https://notcve.org/view.php?id=CVE-2022-36533

Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain a cross-site scripting (XSS) vulnerability. Se ha detectado que Super Flexible Software GmbH & Co. KG Syncovery 9 para Linux versiones v9.47x y anteriores, contiene una vulnerabilidad de tipo cross-site scripting (XSS) • http://super.com http://syncovery.com https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 28%CPEs: 2EXPL: 2

CVE-2022-36534 – Syncovery For Linux Web-GUI Authenticated Remote Command Execution

https://notcve.org/view.php?id=CVE-2022-36534

Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain multiple remote code execution (RCE) vulnerabilities via the Job_ExecuteBefore and Job_ExecuteAfter parameters at post_profilesettings.php. Se ha detectado que Super Flexible Software GmbH & Co. KG Syncovery 9 para Linux versiones v9.47x y anteriores, contiene múltiples vulnerabilidades de ejecución de código remota (RCE) por medio de los parámetros Job_ExecuteBefore y Job_ExecuteAfter en el archivo post_profilesettings.php • http://packetstormsecurity.com/files/170245/Syncovery-For-Linux-Web-GUI-Authenticated-Remote-Command-Execution.html http://super.com http://syncovery.com https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux •