8 matches found
Totaljs <3.2.3 - Local File Inclusion
Total.js Platform before 3.2.3 is vulnerable to local file inclusion. id: CVE-2019-8903 info: name: Totaljs 3.2.3 - Local File Inclusion author: madrobot severity: high description: Total.js Platform before 3.2.3 is vulnerable to local file inclusion. impact: | An attacker can exploit this...
Total.js Prior To 3.2.4 Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Check and exploit Total.js Directory Traversal CVE-2019-8903 class MetasploitModule 'Total.js prior to 3.2.4 Directory Traversal', 'Description' = %q This module check a...
CVE-2019-8903
index.js in Total.js Platform before 3.2.3 allows path traversal. Recent assessments: Mad-robot at July 05, 2020 2:29pm UTC reported: Totaljs – Unathenticated Directory Traversal DESCRIPTION User can make requests like “GET /../databases/settings.json HTTP/1.1” and include file contents from...
CVE-2019-8903
creationtimestamp| type| source ---|---|--- 2019-03-12 21:39:30+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/totaljstraversal.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:19+00:00| seen|...
Total.js Directory Traversal Vulnerability
Total.js is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:totaljs:total.js"; if...
Total.js prior to 3.2.4 Directory Traversal
This module check and exploits a directory traversal vulnerability in Total.js prior to 3.2.4. Here is a list of accepted extensions: flac, jpg, jpeg, png, gif, ico, js, css, txt, xml, woff, woff2, otf, ttf, eot, svg, zip, rar, pdf, docx, xlsx, doc, xls, html, htm, appcache, manifest, map, ogv,...
CVE-2019-8903
index.js in Total.js Platform before 3.2.3 allows path traversal...
CVE-2019-8903
Summary: CVE-2019-8903 affects Total.js Platform before 3.2.3 and is a path traversal/LFI issue in index.js. Multiple sources (NVD, Nuclei template, GHSA advisory, OpenVAS, AttackersKB) confirm that insufficient input sanitization in URLs allows an attacker to access files outside the public dire...