CVE-2019-7192
- EPSS 94.07%
- Published 05.12.2019 17:15:12
- Last modified 13.02.2025 14:18:25
This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions.
CVE-2018-0722
- EPSS 0.37%
- Published 01.02.2019 18:29:00
- Last modified 21.11.2024 03:38:48
Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive information on the device.
CVE-2018-0715
- EPSS 4.36%
- Published 27.08.2018 13:29:00
- Last modified 21.11.2024 03:38:48
Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application.
CVE-2017-13073
- EPSS 0.25%
- Published 23.04.2018 14:29:01
- Last modified 21.11.2024 03:10:54
Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML.