4 matches found
CVE-2018-12297
Cross-site scripting in API error pages in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via URL path names...
Seagate NAS OS Path Traversal Vulnerability
Seagate NAS OS is a NAS Network Attached Storage operating system from Seagate, Inc. filebrowser is one of the file browsers. A path traversal vulnerability exists in the filebrowser in Seagate NAS OS version 4.3.15.1. The vulnerability stems from a failure of a network system or product to...
Sql injection
SQL injection in folderViewSpecific.psp in Seagate NAS OS version 4.3.15.1 allows attackers to execute arbitrary SQL commands via the dirId URL parameter...
CVE-2018-12295
SQL injection in folderViewSpecific.psp in Seagate NAS OS version 4.3.15.1 allows attackers to execute arbitrary SQL commands via the dirId URL parameter...