Vulnerabilities > Qnap > Photo Station
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-02 | CVE-2018-19955 | Cross-site Scripting vulnerability in Qnap Photo Station The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. | 6.1 |
| 2020-11-02 | CVE-2018-19954 | Cross-site Scripting vulnerability in Qnap Photo Station The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. | 6.1 |
| 2019-12-05 | CVE-2019-7195 | Path Traversal vulnerability in Qnap Photo Station This external control of file name or path vulnerability allows remote attackers to access or modify system files. | 9.8 |
| 2019-12-05 | CVE-2019-7194 | Path Traversal vulnerability in Qnap Photo Station This external control of file name or path vulnerability allows remote attackers to access or modify system files. | 9.8 |
| 2019-12-05 | CVE-2019-7192 | Incorrect Authorization vulnerability in Qnap Photo Station This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. | 9.8 |
| 2019-02-01 | CVE-2018-0722 | Path Traversal vulnerability in Qnap Photo Station Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive information on the device. | 7.5 |
| 2018-08-27 | CVE-2018-0715 | Cross-site Scripting vulnerability in Qnap Photo Station Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application. | 6.1 |
| 2018-04-23 | CVE-2017-13073 | Cross-site Scripting vulnerability in Qnap Photo Station Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML. | 6.1 |