Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15955 | 1 Totaljs | 1 Total.js Cms | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Total.js CMS 12.0.0. A low privilege user can perform a simple transformation of a cookie to obtain the random values inside it. If an attacker can discover a session cookie owned by an admin, then it is possible to brute force it with O(n)=2n instead of O(n)=n^x complexity, and steal the admin password. | |||||
| CVE-2018-12558 | 1 Email\ | 1 \ | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| The parse() method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters ("\f"). | |||||