Vulnerabilities > Qnap > QTS
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-28 | CVE-2018-19953 | Cross-site Scripting vulnerability in Qnap QTS If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. | 4.3 |
2020-10-28 | CVE-2018-19949 | Command Injection vulnerability in Qnap QTS If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. | 7.5 |
2020-10-28 | CVE-2018-19943 | Cross-site Scripting vulnerability in Qnap QTS If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. | 3.5 |
2019-12-05 | CVE-2019-7193 | Improper Input Validation vulnerability in Qnap QTS This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. | 10.0 |
2019-12-05 | CVE-2019-7183 | Link Following vulnerability in Qnap QTS This improper link resolution vulnerability allows remote attackers to access system files. | 7.5 |
2019-12-04 | CVE-2019-7197 | Cross-site Scripting vulnerability in Qnap QTS A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. | 3.5 |
2019-12-04 | CVE-2018-0730 | Command Injection vulnerability in Qnap QTS This command injection vulnerability in File Station allows attackers to execute commands on the affected device. | 7.5 |
2019-12-04 | CVE-2018-0729 | Command Injection vulnerability in Qnap Music Station This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. | 7.5 |
2019-12-04 | CVE-2018-0728 | Improper Privilege Management vulnerability in Qnap Helpdesk This improper access control vulnerability in Helpdesk allows attackers to access the system logs. | 5.0 |
2019-02-01 | CVE-2018-0722 | Path Traversal vulnerability in Qnap Photo Station Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive information on the device. | 5.0 |