Menghuan Yu

**Name of the Vulnerable Software and Affected Versions** Synology Photo Station versions prior to 6.8.11-3489 Synology Photo Station versions prior to 6.3-2977 **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `type` parameter in the synophoto csPhotoDB.php file. This enables attackers to manipulate the database, potentially leading to unauthorized data access or modification. **Recommendations** For versions prior to 6.8.11-3489, update to version 6.8.11-3489 or later. For versions prior to 6.3-2977, update to version 6.3-2977 or later. As a temporary workaround, consider restricting access to the synophoto csPhotoDB.php file to minimize the risk of exploitation. Avoid using the `type` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Synology Photo Station versions prior to 6.8.11-3489 Synology Photo Station versions prior to 6.3-2977 **Description** The issue allows remote attackers to upload arbitrary files via the `uploadphoto` parameter, due to a relative path traversal vulnerability in SYNO.PhotoStation.File. **Recommendations** For versions prior to 6.8.11-3489, update to version 6.8.11-3489 or later. For versions prior to 6.3-2977, update to version 6.3-2977 or later.