48 matches found
Bitstorm SQL注入漏洞
Bitstorm is a lightweight Bittorrent tracker by the individual developer Anthony Ananich. Bitstorm suffers from a SQL injection vulnerability that stems from a misuse of the parameter event resulting in sql injection...
PT-2023-10132 · Unknown · Ananich Bitstorm
Name of the Vulnerable Software and Affected Versions: ananich bitstorm affected versions not specified Description: A critical issue was found in ananich bitstorm, affecting an unknown functionality of the file announce.php. The manipulation of the event argument leads to SQL injection...
The vulnerability of the “Event” parameter in the TerraMaster TOS operating system allows a hacker to execute arbitrary code.
The vulnerability of the “Event” parameter in the TerraMaster TOS operating system is related to the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
VulnCheck KEV: CVE-2020-28188
Remote Command Execution RCE vulnerability in TerraMaster TOS = 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter...
VulnCheck KEV: CVE-2020-35665
An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation...
CVE-2020-28188
Remote Command Execution RCE vulnerability in TerraMaster TOS = 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter...
Command injection
Remote Command Execution RCE vulnerability in TerraMaster TOS = 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter...
Terramaster TOS Operating System Command Injection Vulnerability
TerraMaster TOS is a Linux-based operating system for TerraMaster Cloud Storage NAS servers from TerraMaster. An OS command injection vulnerability exists in TerraMaster TOS version 4.2.06 and earlier versions, which originates from an OS command injection vulnerability found in the Event paramet...
PT-2020-5870 · Terramaster · Terramaster Tos
Name of the Vulnerable Software and Affected Versions: TerraMaster TOS versions = 4.2.06 Description: The issue is related to the "Event" parameter in the /include/makecvs.php file of the TerraMaster TOS operating system, which fails to neutralize special elements used in operating system command...
TerraMaster TOS Remote Code Execution Vulnerability
TerraMaster TOS is a Linux-based operating system developed for TerraMaster Cloud Storage NAS servers. A remote code execution vulnerability exists in TerraMaster TOS 4.2.06 and earlier versions. An attacker can exploit this vulnerability to execute commands without authentication via shell...
CVE-2020-28188
Remote Command Execution RCE vulnerability in TerraMaster TOS = 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter. Recent assessments: gwillcox-r7 at January 21, 2021 3:28am UTC reported: Noted as exploited in the wild by CheckPoint...
CVE-2020-28188
TerraMaster TOS is affected up to version 4.2.06 with unauthenticated remote code execution via /include/makecvs.php in the Event parameter. The underlying issue is a command-injection flaw that lets an attacker run arbitrary OS commands on the system, typically with the web app user privileges. ...
CVE-2020-28188
Remote Command Execution RCE vulnerability in TerraMaster TOS = 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter...
CVE-2020-35665
An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation...
Command injection
An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation...
CVE-2020-35665
An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation...
PT-2020-17380 · Terramaster · Terramaster Tos
Name of the Vulnerable Software and Affected Versions: TerraMaster TOS versions 4.2.06 and earlier Description: An unauthenticated command-execution issue exists via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation. Recommendations: For TerraMaster TOS versio...
TerraMaster TOS SQL Injection Vulnerability
TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A SQL injection vulnerability exists in the logtable.php file in TerraMaster TOS...
TerraMaster TOS System Command Injection Vulnerability (CNVD-2018-26663)
TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A system command injection vulnerability exists in the logtable.php file in...
CVE-2018-13350
SQL injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute SQL queries via the "Event" parameter...