2 matches found
CVE-2018-15696
ASUSTOR Data Master (ADM) prior to 3.1.6 is affected by CVE-2018-15696: authenticated remote non-administrative users can enumerate all user accounts via user.cgi. Vulnerability details are supported by multiple sources (e.g., NVD entry and OpenVAS plugin noting ADM < 3.1.6 includes CVE-2018-1...
ASUSTOR Data Master < 3.1.6 Multiple Vulnerabilities
According to its self-reported version number, the ASUSTOR Data Master ADM web interface running on the remote web server is prior to 3.1.6. It is, therefore, affected by multiple vulnerabilities: - CVE-2018-15694: Authenticated File Upload - CVE-2018-15695: Authenticated Arbitrary File Deletion ...