Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Terra-master Subscribe
Filtered by product Terramaster Operating System
Total 28 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-13335 1 Terra-master 1 Terramaster Operating System 2024-11-21 3.5 LOW 5.4 MEDIUM
Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing shared folders via their descriptions.
CVE-2018-13334 1 Terra-master 1 Terramaster Operating System 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "options[sysname]" parameter.
CVE-2018-13333 1 Terra-master 1 Terramaster Operating System 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting in File Manager in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript in the permissions window by placing JavaScript in users' usernames.
CVE-2018-13332 1 Terra-master 1 Terramaster Operating System 2024-11-21 5.0 MEDIUM 7.5 HIGH
Directory Traversal in the explorer application in TerraMaster TOS version 3.1.03 allows attackers to upload files to arbitrary locations via the "path" URL parameter.
CVE-2018-13331 1 Terra-master 1 Terramaster Operating System 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing users by placing JavaScript in their usernames.
CVE-2018-13330 1 Terra-master 1 Terramaster Operating System 2024-11-21 9.0 HIGH 7.2 HIGH
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands during group creation via the "groupname" parameter.
CVE-2018-13329 1 Terra-master 1 Terramaster Operating System 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "lines" URL parameter.
CVE-2017-9328 1 Terra-master 1 Terramaster Operating System 2024-11-21 10.0 HIGH 9.8 CRITICAL
Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024