ReportizFlow
Filtered by vendor Terra-master
Subscriptions
Total
47 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-13334 | 1 Terra-master | 1 Terramaster Operating System | 2024-11-21 | N/A |
| Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "options[sysname]" parameter. | ||||
| CVE-2018-13333 | 1 Terra-master | 1 Terramaster Operating System | 2024-11-21 | N/A |
| Cross-site scripting in File Manager in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript in the permissions window by placing JavaScript in users' usernames. | ||||
| CVE-2018-13332 | 1 Terra-master | 1 Terramaster Operating System | 2024-11-21 | N/A |
| Directory Traversal in the explorer application in TerraMaster TOS version 3.1.03 allows attackers to upload files to arbitrary locations via the "path" URL parameter. | ||||
| CVE-2018-13331 | 1 Terra-master | 1 Terramaster Operating System | 2024-11-21 | N/A |
| Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing users by placing JavaScript in their usernames. | ||||
| CVE-2018-13330 | 1 Terra-master | 1 Terramaster Operating System | 2024-11-21 | N/A |
| System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands during group creation via the "groupname" parameter. | ||||
| CVE-2018-13329 | 1 Terra-master | 1 Terramaster Operating System | 2024-11-21 | N/A |
| Cross-site scripting in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "lines" URL parameter. | ||||
| CVE-2017-9328 | 1 Terra-master | 1 Terramaster Operating System | 2024-11-21 | N/A |
| Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root. | ||||