62 matches found
Qnap QTS and QuTS hero Server-Side Request Forgery(CVE-2024-53696)
A server-side request forgery SSRF vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read application data. We have already fixed the vulnerability in the following versions: QuLog Center...
CVE-2025-58469
A cross-site request forgery CSRF vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.927 2025/09/17 and...
CVE-2025-54168
A cross-site scripting XSS vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version:...
EUVD-2025-38286
A cross-site request forgery CSRF vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.927 2025/09/17 and...
EUVD-2025-38275
A cross-site scripting XSS vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version:...
CVE-2025-58469
A cross-site request forgery CSRF vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.927 2025/09/17 and...
CVE-2025-58469
A cross-site request forgery CSRF vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.927 2025/09/17 and...
CVE-2025-54168
A cross-site scripting XSS vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version:...
CVE-2025-54168
A cross-site scripting XSS vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version:...
CVE-2025-54168 QuLog Center
A cross-site scripting XSS vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version:...
CVE-2025-54168 QuLog Center
A cross-site scripting XSS vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version:...
CVE-2025-54168
CVE-2025-54168 : A cross-site scripting (XSS) vulnerability affects QuLog Center. According to connected sources, exploitation requires an administrator account and could allow bypassing security controls or reading application data. The issue is fixed in QuLog Center 1.8.2.923 and later (release...
CVE-2025-58469
The CVE-2025-58469 entry concerns a cross-site request forgery (CSRF) vulnerability in QuLog Center. Affected component/version details are not exhaustively enumerated in the provided documents, but sources consistently reference QuLog Center and version 1.8.2.927 (2025/09/17) as the fixed releas...
CVE-2025-58469 QuLog Center
A cross-site request forgery CSRF vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.927 2025/09/17 and...
CVE-2025-58469 QuLog Center
A cross-site request forgery CSRF vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.927 2025/09/17 and...
PT-2025-45432
Name of the Vulnerable Software and Affected Versions QuLog Center versions prior to 1.8.2.923 Description A cross-site scripting XSS issue exists in QuLog Center. Successful exploitation by a remote attacker who has obtained administrator privileges could allow them to bypass security features o...
PT-2025-45438
Name of the Vulnerable Software and Affected Versions QuLog Center versions prior to 1.8.2.927 Description A cross-site request forgery CSRF issue affects QuLog Center. Successful exploitation could allow remote attackers to gain privileges or hijack user identities. Recommendations Update to QuL...
QNAP Systems QuLog Center 跨站请求伪造漏洞
QNAP Systems QuLog Center is a report field for QNAP Systems that logs events reported by the system. A cross-site request forgery vulnerability exists in QNAP Systems QuLog Center versions prior to 1.8.2.927, which stems from susceptibility to a cross-site request forgery attack that could resul...
QNAP Systems QuLog Center 跨站脚本漏洞
QNAP Systems QuLog Center is a report field for China-based QNAP Systems that logs events reported by the system. A cross-site scripting vulnerability exists in QNAP Systems QuLog Center version 1.8.2.923, which stems from susceptibility to cross-site scripting attacks that could result in...
EUVD-2020-23760
Malware in sbrugna...