19 matches found
EUVD-2021-2519
Malware in sbrugna...
EUVD-2021-2469
Malware in sbrugna...
Code Injection in total4
The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...
GHSA-G7MQ-RFJ2-25WQ Code Injection in total4
The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...
GHSA-7FM6-GXQG-2PWR Code Injection in total.js
The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...
Code Injection in total.js
The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...
CVE-2021-23390
The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...
CVE-2021-23389
The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...
CVE-2021-23389
The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...
Code injection
The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...
Code injection
The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...
CVE-2021-23389
Total.js prior to 3.4.9 is vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions. The issue, documented across multiple feeds (CVE-2021-23389, GHSA-7FM6-GXQG-2PWR, OSV, SNYK), stems from code in total.js (notably in utilities) that allows execution of arbitrary code. Impact...
CVE-2021-23389 Arbitrary Code Execution
The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...
CVE-2021-23390 Arbitrary Code Execution
The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...
CVE-2021-23390
CVE-2021-23390 affects the total4 package (Node.js framework) up to versions prior to 0.0.43. The vulnerability enables Arbitrary Code Execution through the U.set() and U.get() functions, as detailed by multiple sources (Snyk PoC, GitHub advisory GHSA-g7mq-rfj2-25WQ, and OSV/NVD records). Practic...
CVE-2021-23390
The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...
total.js代码注入漏洞
total.js is open source a framework developed using JavaScript for the Node.js platform. It can be used to develop web, desktop, service and IoT platforms. A security vulnerability exists in total.js, which stems from the package total4 in versions prior to 0.0.43 that is prone to executing...
Arbitrary Code Execution
Overview total4 is a framework for Node.js platform written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. It can be used as a web, desktop, service, or IoT application. Affected versions of this package are vulnerable to Arbitrary Code Execution via the U.set and...
Arbitrary Code Execution
Overview total.js is a framework for Node.js platfrom written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. It can be used as web, desktop, service or IoT application. Affected versions of this package are vulnerable to Arbitrary Code Execution via the U.set and...