Page 10 of 68 results (0.007 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. Si se explotaba, la vulnerabilidad de inyección de comandos podría permitir a atacantes remotos ejecutar comandos arbitrarios. Este problema afecta a: QNAP Systems Inc. • https://www.qnap.com/en/security-advisory/qsa-20-09 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. Si se explotaba, la vulnerabilidad de inyección de comandos podría permitir que atacantes remotos ejecutar comandos arbitrarios. Este problema afecta a: QNAP Systems Inc. • https://www.qnap.com/en/security-advisory/qsa-20-09 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11. Si es explotada, esta vulnerabilidad de inyección SQL podría permitir a atacantes remotos obtener información de la aplicación. Este problema afecta a: QNAP Systems Inc. • https://www.qnap.com/en/security-advisory/qsa-20-10 • CWE-20: Improper Input Validation CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-943: Improper Neutralization of Special Elements in Data Query Logic •

CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11. Si es explotada, esta vulnerabilidad de secuencias de comandos entre sitios podría permitir a atacantes remotos inyectar código malicioso. Este problema afecta a: QNAP Systems Inc. • https://www.qnap.com/en/security-advisory/qsa-20-10 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •

CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0

If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11. Si es explotada, esta vulnerabilidad de inyección de comandos podría permitir a atacantes remotos ejecutar comandos arbitrarios. Este problema afecta a: QNAP Systems Inc. • https://www.qnap.com/en/security-advisory/qsa-20-10 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •