Vulnerabilities > Qnap
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-10 | CVE-2020-2494 | Cross-site Scripting vulnerability in Qnap Music Station This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. | 6.1 |
| 2020-12-10 | CVE-2020-2493 | Cross-site Scripting vulnerability in Qnap Multimedia Console This cross-site scripting vulnerability in Multimedia Console allows remote attackers to inject malicious code. | 4.3 |
| 2020-12-10 | CVE-2020-2491 | Cross-site Scripting vulnerability in Qnap Photo Station This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. | 4.3 |
| 2020-12-10 | CVE-2019-7198 | Command Injection vulnerability in Qnap QTS and Quts Hero This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. | 7.5 |
| 2020-11-16 | CVE-2020-2492 | Command Injection vulnerability in Qnap QTS If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. | 6.5 |
| 2020-11-16 | CVE-2020-2490 | Command Injection vulnerability in Qnap QTS If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. | 6.5 |
| 2020-11-02 | CVE-2018-19956 | Cross-site Scripting vulnerability in Qnap Photo Station The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. | 6.1 |
| 2020-11-02 | CVE-2018-19955 | Cross-site Scripting vulnerability in Qnap Photo Station The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. | 6.1 |
| 2020-11-02 | CVE-2018-19954 | Cross-site Scripting vulnerability in Qnap Photo Station The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. | 6.1 |
| 2020-11-02 | CVE-2018-19952 | SQL Injection vulnerability in Qnap Music Station If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. | 5.0 |