Filtered by vendor Asustor
Subscribe
Total
43 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-15698 | 1 Asustor | 1 Data Master | 2018-10-30 | 6.8 MEDIUM | 6.5 MEDIUM |
| ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any file on the file system when providing the full path to loginimage.cgi. | |||||
| CVE-2018-15695 | 1 Asustor | 1 Data Master | 2018-10-30 | 8.5 HIGH | 6.5 MEDIUM |
| ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to delete any file on the file system due to a path traversal vulnerability in wallpaper.cgi. | |||||
| CVE-2018-11511 | 1 Asustor | 1 Asustor Data Master | 2018-10-19 | 7.5 HIGH | 9.8 CRITICAL |
| The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL injection vulnerability that affects the 'album_id' or 'scope' parameter via a photo-gallery/api/album/tree_lists/ URI. | |||||