Vulnerabilities > Qnap > Photo Station > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-02 | CVE-2023-47561 | Cross-site Scripting vulnerability in Qnap Photo Station A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. | 5.4 |
| 2021-02-17 | CVE-2020-2502 | Cross-site Scripting vulnerability in Qnap Photo Station This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. | 4.3 |
| 2020-12-10 | CVE-2020-2491 | Cross-site Scripting vulnerability in Qnap Photo Station This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. | 4.3 |
| 2020-11-02 | CVE-2018-19956 | Cross-site Scripting vulnerability in Qnap Photo Station The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. | 6.1 |
| 2020-11-02 | CVE-2018-19955 | Cross-site Scripting vulnerability in Qnap Photo Station The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. | 6.1 |
| 2020-11-02 | CVE-2018-19954 | Cross-site Scripting vulnerability in Qnap Photo Station The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. | 6.1 |
| 2019-02-01 | CVE-2018-0722 | Path Traversal vulnerability in Qnap Photo Station Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive information on the device. | 5.0 |
| 2018-08-27 | CVE-2018-0715 | Cross-site Scripting vulnerability in Qnap Photo Station Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application. | 4.3 |
| 2018-04-23 | CVE-2017-13073 | Cross-site Scripting vulnerability in Qnap Photo Station Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML. | 4.3 |
| 2014-06-09 | CVE-2013-5760 | Information Exposure vulnerability in Qnap Photo Station and Photo Station Firmware QNAP Photo Station before firmware 4.0.3 build0912 allows remote attackers to list OS user accounts via a request to photo/p/api/list.php. | 5.0 |