Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-11826

Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.Item in Synology Moments before 1.3.0-0691 allows remote authenticated users to upload arbitrary files via the name parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.6%
CVSS Severity
CVSS v3 Score 8.0
CVSS v2 Score 6.5
Products affected by CVE-2019-11826
  • Synology » Moments » Version: 1.0.0-0433
    cpe:2.3:a:synology:moments:1.0.0-0433
  • Synology » Moments » Version: 1.0.1-0435
    cpe:2.3:a:synology:moments:1.0.1-0435
  • Synology » Moments » Version: 1.1.0-0505
    cpe:2.3:a:synology:moments:1.1.0-0505
  • Synology » Moments » Version: 1.1.1-0508
    cpe:2.3:a:synology:moments:1.1.1-0508
  • Synology » Moments » Version: 1.1.2-0511
    cpe:2.3:a:synology:moments:1.1.2-0511
  • Synology » Moments » Version: 1.2.0-0638
    cpe:2.3:a:synology:moments:1.2.0-0638
  • Synology » Moments » Version: 1.2.1-0646
    cpe:2.3:a:synology:moments:1.2.1-0646
  • Synology » Moments » Version: 1.2.3-199
    cpe:2.3:a:synology:moments:1.2.3-199


Contact Us

Shodan ® - All rights reserved