Vulnerabilities > Totaljs
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-30 | CVE-2021-32831 | Code Injection vulnerability in Totaljs Total.Js Total.js framework (npm package total.js) is a framework for Node.js platfrom written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. | 6.5 |
| 2021-07-12 | CVE-2021-23389 | Code Injection vulnerability in Totaljs Total.Js The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions. | 7.5 |
| 2021-07-12 | CVE-2021-23390 | Code Injection vulnerability in Totaljs Total4 The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions. | 7.5 |
| 2021-03-04 | CVE-2021-23344 | Code Injection vulnerability in Totaljs Total.Js The package total.js before 3.4.8 are vulnerable to Remote Code Execution (RCE) via set. | 7.5 |
| 2021-02-02 | CVE-2020-28495 | Unspecified vulnerability in Totaljs Total.Js This affects the package total.js before 3.4.7. | 7.5 |
| 2021-02-02 | CVE-2020-28494 | Command Injection vulnerability in Totaljs Total.Js This affects the package total.js before 3.4.7. | 7.5 |
| 2020-02-24 | CVE-2020-9381 | Incorrect Authorization vulnerability in Totaljs Total.Js CMS 13.0.0 controllers/admin.js in Total.js CMS 13 allows remote attackers to execute arbitrary code via a POST to the /admin/api/widgets/ URI. | 5.0 |
| 2019-09-05 | CVE-2019-15955 | Algorithmic Complexity vulnerability in Totaljs Total.Js CMS 12.0.0 An issue was discovered in Total.js CMS 12.0.0. | 4.0 |
| 2019-09-05 | CVE-2019-15954 | Missing Authorization vulnerability in Totaljs Total.Js CMS 12.0.0 An issue was discovered in Total.js CMS 12.0.0. | 9.0 |
| 2019-09-05 | CVE-2019-15953 | Missing Authorization vulnerability in Totaljs Total.Js CMS 12.0.0 An issue was discovered in Total.js CMS 12.0.0. | 6.5 |