Lucene search
K

8 matches found

Nuclei
Nuclei
added 6 days ago36 views

Totaljs <3.2.3 - Local File Inclusion

Total.js Platform before 3.2.3 is vulnerable to local file inclusion. id: CVE-2019-8903 info: name: Totaljs 3.2.3 - Local File Inclusion author: madrobot severity: high description: Total.js Platform before 3.2.3 is vulnerable to local file inclusion. impact: | An attacker can exploit this...

7.5CVSS7AI score0.72058EPSS
Exploits2References5
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.360 views

Total.js Prior To 3.2.4 Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Check and exploit Total.js Directory Traversal CVE-2019-8903 class MetasploitModule 'Total.js prior to 3.2.4 Directory Traversal', 'Description' = %q This module check a...

7.5CVSS7AI score0.72058EPSS
Exploits2
ATTACKERKB
ATTACKERKB
added 2019/10/30 12:0 a.m.23 views

CVE-2019-8903

index.js in Total.js Platform before 3.2.3 allows path traversal. Recent assessments: Mad-robot at July 05, 2020 2:29pm UTC reported: Totaljs – Unathenticated Directory Traversal DESCRIPTION User can make requests like “GET /../databases/settings.json HTTP/1.1” and include file contents from...

7.5CVSS7.4AI score0.72058EPSS
Exploits2References3
Circl
Circl
added 2019/03/12 9:39 p.m.11 views

CVE-2019-8903

creationtimestamp| type| source ---|---|--- 2019-03-12 21:39:30+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/totaljstraversal.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:19+00:00| seen|...

7.5CVSS7.3AI score0.72058EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2019/03/11 12:0 a.m.98 views

Total.js Directory Traversal Vulnerability

Total.js is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:totaljs:total.js"; if...

7.5CVSS7.4AI score0.72058EPSS
Exploits2References2
Metasploit
Metasploit
added 2019/03/10 4:57 p.m.53 views

Total.js prior to 3.2.4 Directory Traversal

This module check and exploits a directory traversal vulnerability in Total.js prior to 3.2.4. Here is a list of accepted extensions: flac, jpg, jpeg, png, gif, ico, js, css, txt, xml, woff, woff2, otf, ttf, eot, svg, zip, rar, pdf, docx, xlsx, doc, xls, html, htm, appcache, manifest, map, ogv,...

7.5CVSS7.3AI score0.72058EPSS
Exploits2
NVD
NVD
added 2019/02/18 4:29 p.m.17 views

CVE-2019-8903

index.js in Total.js Platform before 3.2.3 allows path traversal...

7.5CVSS7.5AI score0.72058EPSS
Exploits2References3
CVE
CVE
added 2019/02/18 4:0 p.m.71 views

CVE-2019-8903

Summary: CVE-2019-8903 affects Total.js Platform before 3.2.3 and is a path traversal/LFI issue in index.js. Multiple sources (NVD, Nuclei template, GHSA advisory, OpenVAS, AttackersKB) confirm that insufficient input sanitization in URLs allows an attacker to access files outside the public dire...

7.5CVSS7.3AI score0.72058EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder