cbcvebase.

Terra-Master Terramaster Operating System vulnerabilities

28 known vulnerabilities affecting terra-master/terramaster_operating_system.

Total CVEs
28
CISA KEV
1
actively exploited
Public exploits
3
Exploited in wild
6
Severity breakdown
CRITICAL7HIGH9MEDIUM12

Vulnerabilities

Page 2 of 2
CVE-2018-13329P4MEDIUMCVSS 6.1v3.1.032018-11-27
CVE-2018-13329 [MEDIUM] CWE-79 CVE-2018-13329: Cross-site scripting in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute J Cross-site scripting in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "lines" URL parameter.
nvd
CVE-2018-13333P4MEDIUMCVSS 6.1v3.1.032018-11-27
CVE-2018-13333 [MEDIUM] CWE-79 CVE-2018-13333: Cross-site scripting in File Manager in TerraMaster TOS version 3.1.03 allows attackers to execute J Cross-site scripting in File Manager in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript in the permissions window by placing JavaScript in users' usernames.
nvd
CVE-2018-13349P4MEDIUMCVSS 6.1v3.1.032018-11-27
CVE-2018-13349 [MEDIUM] CWE-79 CVE-2018-13349: Cross-site scripting in the web application taskbar in TerraMaster TOS version 3.1.03 allows attacke Cross-site scripting in the web application taskbar in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the user's username.
nvd
CVE-2018-13334P4MEDIUMCVSS 6.1v3.1.032018-11-27
CVE-2018-13334 [MEDIUM] CWE-79 CVE-2018-13334: Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 allows attackers to execute Jav Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "options[sysname]" parameter.
nvd
CVE-2018-13331P4MEDIUMCVSS 6.1v3.1.032018-11-27
CVE-2018-13331 [MEDIUM] CWE-79 CVE-2018-13331: Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing users by placing JavaScript in their usernames.
nvd
CVE-2018-13357P4MEDIUMCVSS 5.4v3.1.032018-11-27
CVE-2018-13357 [MEDIUM] CWE-79 CVE-2018-13357: Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing Shared Folders via JavaScript in Shared Folders' names.
nvd
CVE-2018-13335P4MEDIUMCVSS 5.4v3.1.032018-11-27
CVE-2018-13335 [MEDIUM] CWE-79 CVE-2018-13335: Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing shared folders via their descriptions.
nvd
CVE-2018-13351P4MEDIUMCVSS 4.8v3.1.032018-11-27
CVE-2018-13351 [MEDIUM] CWE-79 CVE-2018-13351: Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the edit password form.
nvd
Terra-Master Terramaster Operating System vulnerabilities | cvebase