CVE-2019-8903

index.js in Total.js Platform before 3.2.3 allows path traversal. Recent assessments: Mad-robot at July 05, 2020 2:29pm UTC reported: Totaljs – Unathenticated Directory Traversal DESCRIPTION User can make requests like “GET /../databases/settings.json HTTP/1.1” and include file contents from...

Unspecified Vulnerability in Total.js Platform

Total.js Platform is a suite of JavaScript Web platforms. The platform includes Total.js framework, Total.js apps, SQL Agent and NoSQL embedded DB. A security vulnerability exists in the index.js file in versions of Total.js Platform prior to 3.2.3. No details of the vulnerability are provided at...

Path traversal

index.js in Total.js Platform before 3.2.3 allows path traversal...

CVE-2019-8903

index.js in Total.js Platform before 3.2.3 allows path traversal...

CVE-2019-8903

index.js in Total.js Platform before 3.2.3 allows path traversal...

CVE-2019-8903

index.js in Total.js Platform before 3.2.3 allows path traversal...

CVE-2019-8903

Summary: CVE-2019-8903 affects Total.js Platform before 3.2.3 and is a path traversal/LFI issue in index.js. Multiple sources (NVD, Nuclei template, GHSA advisory, OpenVAS, AttackersKB) confirm that insufficient input sanitization in URLs allows an attacker to access files outside the public dire...