Vulnerabilities > Terra Master

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-27	CVE-2018-13354	OS Command Injection vulnerability in Terra-Master Terramaster Operating System 3.1.03 System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter. network low complexity terra-master CWE-78 critical	10.0
2018-11-27	CVE-2018-13353	OS Command Injection vulnerability in Terra-Master Terramaster Operating System 3.1.03 System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute commands via the "checkport" parameter. network low complexity terra-master CWE-78 critical	9.0
2018-11-27	CVE-2018-13352	Information Exposure vulnerability in Terra-Master Terramaster Operating System 3.1.03 Session Exposure in the web application for TerraMaster TOS version 3.1.03 allows attackers to view active session tokens in a world-readable directory. network low complexity terra-master CWE-200	5.0
2018-11-27	CVE-2018-13351	Cross-site Scripting vulnerability in Terra-Master Terramaster Operating System 3.1.03 Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the edit password form. network terra-master CWE-79	3.5
2018-11-27	CVE-2018-13350	SQL Injection vulnerability in Terra-Master Terramaster Operating System 3.1.03 SQL injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute SQL queries via the "Event" parameter. network low complexity terra-master CWE-89	7.5
2018-11-27	CVE-2018-13349	Cross-site Scripting vulnerability in Terra-Master Terramaster Operating System 3.1.03 Cross-site scripting in the web application taskbar in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the user's username. network terra-master CWE-79	4.3
2018-11-27	CVE-2018-13338	OS Command Injection vulnerability in Terra-Master Terramaster Operating System 3.1.03 System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "username" parameter during user creation. network low complexity terra-master CWE-78 critical	10.0
2018-11-27	CVE-2018-13336	OS Command Injection vulnerability in Terra-Master Terramaster Operating System 3.1.03 System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "pwd" parameter during user creation. network low complexity terra-master CWE-78 critical	10.0
2018-11-27	CVE-2018-13335	Cross-site Scripting vulnerability in Terra-Master Terramaster Operating System 3.1.03 Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing shared folders via their descriptions. network terra-master CWE-79	3.5
2018-11-27	CVE-2018-13333	Cross-site Scripting vulnerability in Terra-Master Terramaster Operating System 3.1.03 Cross-site scripting in File Manager in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript in the permissions window by placing JavaScript in users' usernames. network terra-master CWE-79	4.3

Vulnerabilities > Terra Master {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Terra Master"}]}

Vulnerabilities > Terra Master