Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
terra-master tos vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-13353
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows malicious users to execute commands via the "checkport" parameter.
Terra-master Terramaster Operating System 3.1.03
6.5
CVSSv3
CVE-2018-13355
Incorrect access controls in ajaxdata.php in TerraMaster TOS version 3.1.03 allow malicious users to create user groups without proper authorization.
Terra-master Terramaster Operating System 3.1.03
8.8
CVSSv3
CVE-2018-13359
Cross-site scripting in usertable.php in TerraMaster TOS version 3.1.03 allows malicious users to execute JavaScript via the "modgroup" parameter.
Terra-master Terramaster Operating System 3.1.03
8.8
CVSSv3
CVE-2018-13418
System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows malicious users to execute system commands via the "newname" parameter.
Terra-master Terramaster Operating System 3.1.03
9.8
CVSSv3
CVE-2018-13354
System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows malicious users to execute system commands via the "Event" parameter.
Terra-master Terramaster Operating System 3.1.03
8.8
CVSSv3
CVE-2018-13358
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows malicious users to execute system commands via the "checkName" parameter.
Terra-master Terramaster Operating System 3.1.03
5.3
CVSSv3
CVE-2018-13361
User enumeration in usertable.php in TerraMaster TOS version 3.1.03 allows malicious users to list all system users via the "modgroup" parameter.
Terra-master Terramaster Operating System 3.1.03
6.1
CVSSv3
CVE-2018-13329
Cross-site scripting in ajaxdata.php in TerraMaster TOS version 3.1.03 allows malicious users to execute JavaScript via the "lines" URL parameter.
Terra-master Terramaster Operating System 3.1.03
6.1
CVSSv3
CVE-2018-13334
Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 allows malicious users to execute JavaScript via the "options[sysname]" parameter.
Terra-master Terramaster Operating System 3.1.03
5.4
CVSSv3
CVE-2018-13337
Session Fixation in the web application for TerraMaster TOS version 3.1.03 allows malicious users to control users' session cookies via JavaScript.
Terra-master Terramaster Operating System 3.1.03
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »