Vulnerabilities > Terra Master

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-27	CVE-2018-13332	Path Traversal vulnerability in Terra-Master Terramaster Operating System 3.1.03 Directory Traversal in the explorer application in TerraMaster TOS version 3.1.03 allows attackers to upload files to arbitrary locations via the "path" URL parameter. network low complexity terra-master CWE-22	7.5
2018-11-27	CVE-2018-13331	Cross-site Scripting vulnerability in Terra-Master Terramaster Operating System 3.1.03 Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing users by placing JavaScript in their usernames. network low complexity terra-master CWE-79	6.1
2018-11-27	CVE-2018-13330	OS Command Injection vulnerability in Terra-Master Terramaster Operating System 3.1.03 System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands during group creation via the "groupname" parameter. network low complexity terra-master CWE-78	7.2
2018-11-27	CVE-2018-13337	Session Fixation vulnerability in Terra-Master Terramaster Operating System 3.1.03 Session Fixation in the web application for TerraMaster TOS version 3.1.03 allows attackers to control users' session cookies via JavaScript. network low complexity terra-master CWE-384	5.4
2018-11-27	CVE-2018-13334	Cross-site Scripting vulnerability in Terra-Master Terramaster Operating System 3.1.03 Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "options[sysname]" parameter. network low complexity terra-master CWE-79	6.1
2018-11-27	CVE-2018-13329	Cross-site Scripting vulnerability in Terra-Master Terramaster Operating System 3.1.03 Cross-site scripting in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "lines" URL parameter. network low complexity terra-master CWE-79	6.1
2017-09-15	CVE-2017-9328	OS Command Injection vulnerability in Terra-Master Terramaster Operating System 3.0.33 Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root. network low complexity terra-master CWE-78 critical	9.8

Vulnerabilities > Terra Master {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Terra Master"}]}

Vulnerabilities > Terra Master