2 matches found
CVE-2018-15699
Summary for CVE-2018-15699 : Affected product is ASUSTOR Data Master (ADM) web interface prior to 3.1.6. The issue arises when ADM repeatedly makes HTTP requests for a configuration file, allowing a MITM attacker to inject JavaScript into the Version field, resulting in a cross‑site scripting (XS...
ASUSTOR Data Master < 3.1.6 Multiple Vulnerabilities
According to its self-reported version number, the ASUSTOR Data Master ADM web interface running on the remote web server is prior to 3.1.6. It is, therefore, affected by multiple vulnerabilities: - CVE-2018-15694: Authenticated File Upload - CVE-2018-15695: Authenticated Arbitrary File Deletion ...