CVE-2019-8903

index.js in Total.js Platform before 3.2.3 allows path traversal. Recent assessments: Mad-robot at July 05, 2020 2:29pm UTC reported: Totaljs – Unathenticated Directory Traversal DESCRIPTION User can make requests like “GET /../databases/settings.json HTTP/1.1” and include file contents from...

Unspecified Vulnerability in Total.js Platform

Total.js Platform is a suite of JavaScript Web platforms. The platform includes Total.js framework, Total.js apps, SQL Agent and NoSQL embedded DB. A security vulnerability exists in the index.js file in versions of Total.js Platform prior to 3.2.3. No details of the vulnerability are provided at...

CVE-2019-8903

index.js in Total.js Platform before 3.2.3 allows path traversal...

CVE-2019-8903

index.js in Total.js Platform before 3.2.3 allows path traversal...

Path traversal

index.js in Total.js Platform before 3.2.3 allows path traversal...

CVE-2019-8903

index.js in Total.js Platform before 3.2.3 allows path traversal...

CVE-2019-8903

Summary: CVE-2019-8903 affects Total.js Platform before 3.2.3 and is a path traversal/LFI issue in index.js. Multiple sources (NVD, Nuclei template, GHSA advisory, OpenVAS, AttackersKB) confirm that insufficient input sanitization in URLs allows an attacker to access files outside the public dire...