Lucene search
K

5968 matches found

CVE
CVE
added 2018/12/04 5:0 p.m.43 views

CVE-2018-12310

CVE-2018-12310 describes a cross-site scripting vulnerability in ASUSTOR ADM (login page, version 3.1.1) where an attacker can inject JavaScript through the System Announcement feature. Affected component: ASUSTOR ADM login flow. Underlying issue: stored/reflected XSS in the login surface (detail...

5.4CVSS6.4AI score0.00545EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/12/03 10:29 p.m.17 views

Cross site scripting

Cross-site scripting in the /DroboAccess/deleteuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to execute JavaScript via the "username" URL parameter...

4.3CVSS6.2AI score0.00707EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/12/03 10:0 p.m.26 views

CVE-2018-14697

Cross-site scripting in the /DroboAccess/enableuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to execute JavaScript via the username URL parameter...

6.9AI score0.00707EPSS
Exploits1References1
CVE
CVE
added 2018/12/03 10:0 p.m.45 views

CVE-2018-14698

CVE-2018-14698 concerns a cross-site scripting flaw in Drobo 5N2 NAS, specifically in the /DroboAccess/delete_user endpoint. The vulnerability allows an attacker to inject JavaScript via the username URL parameter in Drobo 5N2 NAS version 4.0.5-13.28.96115. NVD data lists CVSS v3 base score 6.1 (...

6.1CVSS6.8AI score0.00707EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/11/28 12:0 a.m.2 views

TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2019-00666)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A cross-site scripting vulnerability exists in Control Panel in TerraMaster TOS...

5.4CVSS5.8AI score0.00852EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/28 12:0 a.m.3 views

TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2019-00662)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A cross-site scripting vulnerability exists in the ajaxdata.php endpoint in...

6.1CVSS6.5AI score0.01082EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/28 12:0 a.m.4 views

TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2018-26665)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A cross-site scripting vulnerability exists in Control Panel in TerraMaster TOS...

6.5CVSS6.7AI score0.01065EPSS
Exploits1References1
Prion
Prion
added 2018/11/27 9:29 p.m.20 views

Cross site scripting

Cross-site scripting in File Manager in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript in the permissions window by placing JavaScript in users' usernames...

4.3CVSS6.2AI score0.01082EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/27 9:29 p.m.16 views

CVE-2018-13357

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing Shared Folders via JavaScript in Shared Folders' names...

5.4CVSS5.5AI score0.00852EPSS
Exploits1References1
OSV
OSV
added 2018/11/27 9:29 p.m.4 views

CVE-2018-13335

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing shared folders via their descriptions...

5.4CVSS5.8AI score0.00852EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/27 9:0 p.m.19 views

CVE-2018-13335

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing shared folders via their descriptions...

6.5AI score0.00852EPSS
Exploits1References1
CVE
CVE
added 2018/11/27 9:0 p.m.43 views

CVE-2018-13351

TerraMaster TOS 3.1.03 Control Panel contains a cross-site scripting vulnerability that allows attackers to execute JavaScript through the edit password form. The provided documents do not specify the vulnerable component version beyond 3.1.03, nor any patched remediation or available exploit det...

4.8CVSS6.2AI score0.00856EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/11/27 9:0 p.m.20 views

CVE-2018-13331

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing users by placing JavaScript in their usernames...

6.9AI score0.01082EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/27 9:0 p.m.20 views

CVE-2018-13359

Cross-site scripting in usertable.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "modgroup" parameter...

8.8AI score0.1988EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/27 9:0 p.m.22 views

CVE-2018-13351

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the edit password form...

6.3AI score0.00856EPSS
Exploits1References1
CVE
CVE
added 2018/11/27 9:0 p.m.48 views

CVE-2018-13334

TerraMaster TOS

6.1CVSS6.5AI score0.01082EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/11/27 8:29 p.m.22 views

Cross site scripting

Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "optionssysname" parameter...

4.3CVSS6.2AI score0.01082EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/27 8:29 p.m.20 views

CVE-2018-13334

Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "optionssysname" parameter...

6.1CVSS6.3AI score0.01082EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/27 12:0 a.m.2 views

TOTOLINK A3002RU cross-site scripting vulnerability (CNVD-2018-24105)

TOTOLINK A3002RU is a wireless router product from Gion Electronics TOTOLINK. A cross-site scripting vulnerability exists in the password.htm page in TOTOLINK A3002RU version 1.0.8. A remote attacker can exploit this vulnerability to execute arbitrary JavaScript code with the help of a username...

6.1CVSS6.3AI score0.00672EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/11/26 10:0 p.m.28 views

CVE-2018-13309

Cross-site scripting in password.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript via the user's password...

6.4AI score0.00707EPSS
Exploits1References1
Rows per page
Query Builder