A vulnerability classified as problematic was found in Total.js up to 3.4.8 on node.js (JavaScript Library). This vulnerability affects the function utils.set. Upgrading to version 3.4.9 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
Total.js up to 3.4.8 on node.js utils.set code injection
- Virtual Patching
- August 31, 2021
- 7:05 am
- Virtual Patching
- August 31, 2021
- 7:05 am
Common Vulnerabilityies and Exposures
Contact us to get started
CVE-2022-1401 : DEVICE42 ASSET MANAGEMENT APPLIANCE PRIOR 18.01.00 WRIMAGERESOURCE.ADX ACCESS CONTROL
Description Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker
CVE-2022-36310 : AIRSPAN AIRVELOCITY 1500 PRIOR 15.18.00.2511 SNMPD INHERENTLY DANGEROUS FUNCTION
Description Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with
CVE-2022-2814 : SOURCECODESTER SIMPLE AND NICE SHOPPING CART SCRIPT /MKSHOPE/LOGIN.PHP MSG CROSS SITE SCRIPTING
Description A vulnerability has been found in SourceCodester Simple and Nice Shopping Cart Script and classified as problematic. Affected by