Vulnerabilities > Synel

DATE CVE VULNERABILITY TITLE RISK
2023-09-03 CVE-2023-37220 Unspecified vulnerability in Synel products
Synel Terminals - CWE-494: Download of Code Without Integrity Check
network
low complexity
synel
critical
9.8
2023-07-30 CVE-2023-32227 Use of Hard-coded Credentials vulnerability in Synel Synergy/A Firmware
Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials
network
low complexity
synel CWE-798
critical
9.8
2023-07-30 CVE-2023-37213 OS Command Injection vulnerability in Synel Synergy/A Firmware
Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection'
network
low complexity
synel CWE-78
critical
9.8
2022-09-13 CVE-2022-36778 Cross-site Scripting vulnerability in Synel Eharmony 8.0.2.3
insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code.
network
low complexity
synel CWE-79
5.4
2022-01-28 CVE-2022-22790 Path Traversal vulnerability in Synel Eharmony 8.0.2.3
SYNEL - eharmony Directory Traversal.
network
low complexity
synel CWE-22
7.5
2022-01-28 CVE-2022-22791 Cross-site Scripting vulnerability in Synel Eharmony 8.0.2.3
SYNEL - eharmony Authenticated Blind & Stored XSS.
network
low complexity
synel CWE-79
5.4
2021-12-08 CVE-2021-36718 Improper Authentication vulnerability in Synel Eharmonynew and Synel Reports
SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default credentials and export a report of eharmony system with sensetive data (Employee name, Employee ID number, Working hours etc') The vulnerabilety has been addressed and fixed on version 11.
network
low complexity
synel CWE-287
6.5