Terramaster Operating System Security Vulnerabilities and Issues — Terramaster Operating System CVE List

Lucene search

Terra-masterTerramaster Operating System

7 matches found

CVE•added 2018/11/27 9:0 p.m.•37 views

CVE-2018-13334

Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "options[sysname]" parameter.

6.1CVSS6.5AI score0.0024EPSS

CVE•added 2018/11/27 9:29 p.m.•34 views

CVE-2018-13333

Cross-site scripting in File Manager in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript in the permissions window by placing JavaScript in users' usernames.

6.1CVSS6.8AI score0.00181EPSS

CVE•added 2018/11/27 9:29 p.m.•33 views

CVE-2018-13360

Cross-site scripting in Text Editor in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "filename" URL parameter.

6.1CVSS6.8AI score0.0024EPSS

CVE•added 2018/11/27 9:0 p.m.•31 views

CVE-2018-13329

Cross-site scripting in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "lines" URL parameter.

6.1CVSS6.8AI score0.0024EPSS

CVE•added 2018/11/27 9:29 p.m.•31 views

CVE-2018-13355

Incorrect access controls in ajaxdata.php in TerraMaster TOS version 3.1.03 allow attackers to create user groups without proper authorization.

6.5CVSS7AI score0.00146EPSS

CVE•added 2018/11/27 9:29 p.m.•30 views

CVE-2018-13331

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing users by placing JavaScript in their usernames.

6.1CVSS6.8AI score0.0024EPSS

CVE•added 2018/11/27 9:29 p.m.•30 views

CVE-2018-13349

Cross-site scripting in the web application taskbar in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the user's username.

6.1CVSS6.8AI score0.0024EPSS