Vulnerabilities > Qnap > Music Station > 4.8.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-03 | CVE-2023-39299 | Path Traversal vulnerability in Qnap Music Station A path traversal vulnerability has been reported to affect Music Station. | 7.5 |
| 2021-05-13 | CVE-2020-36197 | Improper Access Control vulnerability in Qnap Music Station An improper access control vulnerability has been reported to affect earlier versions of Music Station. | 5.8 |
| 2020-12-10 | CVE-2020-2494 | Cross-site Scripting vulnerability in Qnap Music Station This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. | 6.1 |
| 2020-11-02 | CVE-2018-19952 | SQL Injection vulnerability in Qnap Music Station If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. | 5.0 |
| 2020-11-02 | CVE-2018-19951 | Cross-site Scripting vulnerability in Qnap Music Station If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. | 6.1 |
| 2020-11-02 | CVE-2018-19950 | Command Injection vulnerability in Qnap Music Station If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. | 9.8 |
| 2019-12-05 | CVE-2019-7185 | Cross-site Scripting vulnerability in Qnap Music Station This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. | 4.8 |
| 2019-12-04 | CVE-2018-0729 | Command Injection vulnerability in Qnap Music Station This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. | 7.5 |
| 2018-09-14 | CVE-2018-0718 | Command Injection vulnerability in Qnap Music Station Command injection vulnerability in Music Station 5.1.2 and earlier versions in QNAP QTS 4.3.3 and 4.3.4 could allow remote attackers to run arbitrary commands in the compromised application. | 7.5 |
| 2017-10-06 | CVE-2017-13069 | Command Injection vulnerability in Qnap Music Station QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. | 7.5 |