Vulnerabilities > Qnap > Photo Station > 5.2.3

DATE CVE VULNERABILITY TITLE RISK
2019-02-01 CVE-2018-0722 Path Traversal vulnerability in Qnap Photo Station
Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive information on the device.
network
low complexity
qnap CWE-22
7.5
2018-08-27 CVE-2018-0715 Cross-site Scripting vulnerability in Qnap Photo Station
Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application.
network
low complexity
qnap CWE-79
6.1
2018-04-23 CVE-2017-13073 Cross-site Scripting vulnerability in Qnap Photo Station
Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML.
network
low complexity
qnap CWE-79
6.1