Show filters
24 Total Results
Displaying 11-20 of 24
Sort by:
Attacker Value
Unknown

CVE-2018-13360

Disclosure Date: November 27, 2018 (last updated November 27, 2024)
Cross-site scripting in Text Editor in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "filename" URL parameter.
0
0
Attacker Value
Unknown

CVE-2018-13336

Disclosure Date: November 27, 2018 (last updated November 27, 2024)
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "pwd" parameter during user creation.
0
0
Attacker Value
Unknown

CVE-2018-13330

Disclosure Date: November 27, 2018 (last updated November 27, 2024)
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands during group creation via the "groupname" parameter.
0
0
Attacker Value
Unknown

CVE-2018-13358

Disclosure Date: November 27, 2018 (last updated November 27, 2024)
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "checkName" parameter.
0
0
Attacker Value
Unknown

CVE-2018-13338

Disclosure Date: November 27, 2018 (last updated November 27, 2024)
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "username" parameter during user creation.
0
0
Attacker Value
Unknown

CVE-2018-13335

Disclosure Date: November 27, 2018 (last updated November 27, 2024)
Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing shared folders via their descriptions.
0
0
Attacker Value
Unknown

CVE-2018-13355

Disclosure Date: November 27, 2018 (last updated November 27, 2024)
Incorrect access controls in ajaxdata.php in TerraMaster TOS version 3.1.03 allow attackers to create user groups without proper authorization.
0
0
Attacker Value
Unknown

CVE-2018-13418

Disclosure Date: November 27, 2018 (last updated November 27, 2024)
System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows attackers to execute system commands via the "newname" parameter.
0
0
Attacker Value
Unknown

CVE-2018-13353

Disclosure Date: November 27, 2018 (last updated November 27, 2024)
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute commands via the "checkport" parameter.
0
0
Attacker Value
Unknown

CVE-2018-13354

Disclosure Date: November 27, 2018 (last updated November 27, 2024)
System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter.
0
0
View More Topics  < Previous  Next >