CVE-2019-11826

Summary

Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.Item in Synology Moments before 1.3.0-0691 allows remote authenticated users to upload arbitrary files via the name parameter.

Affected Software

VendorProductVersion RangeStatus
SynologyPhoto Momentsunspecified < 1.3.0-0691affected

Weaknesses

  • CWE-23: Relative Path Traversal (CWE-23)

ADP Enrichment

CVE Program Container

Additional References

References