Количество 2
Количество 2
CVE-2024-29237
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in ActionRule.Delete webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to read database containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors.
GHSA-whq5-gmv6-9878
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in ActionRule.Delete webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to inject SQL commands via unspecified vectors.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-29237 Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in ActionRule.Delete webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to read database containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors. | CVSS3: 5.4 | 0% Низкий | почти 2 года назад |
| GHSA-whq5-gmv6-9878 Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in ActionRule.Delete webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to inject SQL commands via unspecified vectors. | CVSS3: 5.4 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу