EUVD-2021-0536

Malware in sbrugna...

EUVD-2021-0594

Malware in sbrugna...

EUVD-2022-46982

Malicious code in bioql PyPI...

CVE-2022-44019

In Total.js 4 before 0e5ace7, /api/common/ping can achieve remote command execution via shell metacharacters in the host parameter...

CVE-2022-44019

In Total.js 4 before 0e5ace7, /api/common/ping can achieve remote command execution via shell metacharacters in the host parameter...

Cross-Site Scripting (XSS)

total.js is vulnerable to stored cross-site scripting. The vulnerability exists in upload function due to lack of sanitization which allows an attacker to execute arbitrary javascript via a javascript embedded PDF file...

@pl-test/c (>=1.1.0 <=1.1.1), @pl-test/e (=1.1.0) +10 more potentially affected by CVE-2021-23389 via total.js (>=1.2.3 <=3.4.13)

total.js NPM version =1.2.3, =1.1.0, =0.1.5, =0.1.0, =4.0.0, =1.0.0, =0.0.1, =0.0.1, =0.0.4 Source cves: CVE-2021-23389 Source advisory: OSV:GHSA-7FM6-GXQG-2PWR...

Arbitrary Code Execution

Overview total.js is a framework for Node.js platfrom written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. It can be used as web, desktop, service or IoT application. Affected versions of this package are vulnerable to Arbitrary Code Execution via the U.set and...

Arbitrary Code Execution

Overview total.js is a framework for Node.js platfrom written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. It can be used as web, desktop, service or IoT application. Affected versions of this package are vulnerable to Arbitrary Code Execution via the U.set and...

autoremoteserver (>=0.1.5 <=0.2.3), bloater-renewed (=1.0.0) +3 more potentially affected by CVE-2019-8903 via total.js (>=1.2.3 <=2.9.30)

total.js NPM version =1.2.3, =0.1.5, =0.1.0, =0.0.1, =0.0.2 - vuejs-totaljs-project =1.0.0 Source cves: CVE-2019-8903 Source advisory: OSV:GHSA-3Q32-J57W-Q4W7...