Vulnerabilities > Totaljs > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-09-05 CVE-2019-15953 Missing Authorization vulnerability in Totaljs Total.Js CMS 12.0.0
An issue was discovered in Total.js CMS 12.0.0.
network
low complexity
totaljs CWE-862
6.5
6.5
2019-09-05 CVE-2019-15952 Path Traversal vulnerability in Totaljs Total.Js CMS 12.0.0
An issue was discovered in Total.js CMS 12.0.0.
network
low complexity
totaljs CWE-22
6.5
6.5
2019-03-28 CVE-2019-10260 Cross-site Scripting vulnerability in Totaljs Total.Js CMS 12.0.0
Total.js CMS 12.0.0 has XSS related to themes/admin/views/index.html (item.message) and themes/admin/public/ui.js (column.format).
network
totaljs CWE-79
4.3
4.3
2019-02-18 CVE-2019-8903 Path Traversal vulnerability in Totaljs Total.Js
index.js in Total.js Platform before 3.2.3 allows path traversal.
network
low complexity
totaljs CWE-22
5.0
5.0