Skip to main content

Total Js Cms

6 CVEs product

Monthly

CVE-2020-9381 HIGH POC PATCH This Week

controllers/admin.js in Total.js CMS 13 allows remote attackers to execute arbitrary code via a POST to the /admin/api/widgets/ URI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Authentication Bypass Total Js Cms
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2019-15955 MEDIUM POC This Month

An issue was discovered in Total.js CMS 12.0.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Total Js Cms
NVD GitHub
CVSS 3.0
6.5
EPSS
0.9%
CVE-2019-15954 npm CRITICAL POC THREAT Emergency

An issue was discovered in Total.js CMS 12.0.0. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Total Js Cms
NVD GitHub Exploit-DB
CVSS 3.1
9.9
EPSS
79.2%
CVE-2019-15953 npm HIGH POC This Week

An issue was discovered in Total.js CMS 12.0.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Privilege Escalation Total Js Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
1.5%
CVE-2019-15952 npm HIGH POC This Week

An issue was discovered in Total.js CMS 12.0.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Total Js Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
5.1%
CVE-2019-10260 npm MEDIUM PATCH This Month

Total.js CMS 12.0.0 has XSS related to themes/admin/views/index.html (item.message) and themes/admin/public/ui.js (column.format). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Total Js Cms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

controllers/admin.js in Total.js CMS 13 allows remote attackers to execute arbitrary code via a POST to the /admin/api/widgets/ URI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Authentication Bypass Total Js Cms
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in Total.js CMS 12.0.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Total Js Cms
NVD GitHub
EPSS 79% CVSS 9.9
CRITICAL POC THREAT Emergency

An issue was discovered in Total.js CMS 12.0.0. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Total Js Cms
NVD GitHub Exploit-DB
EPSS 2% CVSS 8.8
HIGH POC This Week

An issue was discovered in Total.js CMS 12.0.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Privilege Escalation Total Js Cms
NVD GitHub
EPSS 5% CVSS 8.8
HIGH POC This Week

An issue was discovered in Total.js CMS 12.0.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Total Js Cms
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Total.js CMS 12.0.0 has XSS related to themes/admin/views/index.html (item.message) and themes/admin/public/ui.js (column.format). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Total Js Cms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy