Lucene search
K

4 matches found

Nuclei
Nuclei
added 12 hours ago17 views

ASUSTOR ADM 3.1.0.RFQ3 - SQL Injection

ASUSTOR ADM version 3.1.0.RFQ3 is vulnerable to SQL injection via the albumid parameter in the /photo-gallery/api/album/treelists/ endpoint. An attacker can exploit this vulnerability to execute arbitrary SQL commands on the database, potentially leading to information disclosure or further...

9.8CVSS7.4AI score0.11176EPSS
Exploits7References2
VulnCheck KEV
VulnCheck KEV
added 2020/12/14 12:0 a.m.4 views

VulnCheck KEV: CVE-2018-11511

The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL injection vulnerability that affects the 'albumid' or 'scope' parameter via a photo-gallery/api/album/treelists/ URI...

9.8CVSS7.3AI score0.11176EPSS
Exploits7References1
CNVD
CNVD
added 2018/08/17 12:0 a.m.4 views

ASUSTOR ADM SQL Injection Vulnerability

ASUSTOR ADM is an operating system from ASUSTOR dedicated to ASUSTOR NAS storage devices. photo gallery is one of the photo management applications. An SQL injection vulnerability exists in the 'albumid' and 'scope' parameters of the tree list function of the photo gallery application in ASUSTOR...

9.8CVSS9.9AI score0.11176EPSS
Exploits7References1
OSV
OSV
added 2018/08/16 8:29 p.m.6 views

CVE-2018-11511

The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL injection vulnerability that affects the 'albumid' or 'scope' parameter via a photo-gallery/api/album/treelists/ URI...

9.8CVSS5.8AI score0.11176EPSS
Exploits7References2
Rows per page
Query Builder