Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
totaljs total.js vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-10260
Total.js CMS 12.0.0 has XSS related to themes/admin/views/index.html (item.message) and themes/admin/public/ui.js (column.format).
Totaljs Total.js Cms 12.0.0
4
CVSSv2
CVE-2019-15955
An issue exists in Total.js CMS 12.0.0. A low privilege user can perform a simple transformation of a cookie to obtain the random values inside it. If an attacker can discover a session cookie owned by an admin, then it is possible to brute force it with O(n)=2n instead of O(n)=n...
Totaljs Total.js Cms 12.0.0
3.5
CVSSv2
CVE-2022-30013
A stored cross-site scripting (XSS) vulnerability in the upload function of totaljs CMS 3.4.5 allows malicious users to execute arbitrary web scripts via a JavaScript embedded PDF file.
Totaljs Total.js 3.4.5
NA
CVE-2022-44019
In Total.js 4 prior to 0e5ace7, /api/common/ping can achieve remote command execution via shell metacharacters in the host parameter.
Totaljs Total.js
NA
CVE-2022-41392
A cross-site scripting (XSS) vulnerability in TotalJS commit 8c2c8909 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Website name text field under Main Settings.
Totaljs Total.js 2022-08-20
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2