CVE-2018-13295
https://notcve.org/view.php?id=CVE-2018-13295
Information exposure vulnerability in SYNO.Personal.Application.Info in Synology Application Service before 1.5.4-0320 allows remote authenticated users to obtain sensitive system information via the version parameter. Una vulnerabilidad de exposición de información en SYNO.Personal.Application.Info en Synology Application Service, en versiones anteriores a la 1.5.4-0320, permite a los usuarios remotos autenticados obtener información sensible del sistema mediante el parámetro version. • https://www.synology.com/security/advisory/Synology_SA_18_40 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-13294
https://notcve.org/view.php?id=CVE-2018-13294
Information exposure vulnerability in SYNO.Personal.Profile in Synology Application Service before 1.5.4-0320 allows remote authenticated users to obtain sensitive system information via the uid parameter. Una vulnerabilidad de exposición de información en SYNO.Personal.Profile en Synology Application Service, en versiones anteriores a la 1.5.4-0320, permite a los usuarios remotos autenticados obtener información sensible del sistema mediante el parámetro uid. • https://www.synology.com/security/advisory/Synology_SA_18_40 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •