CVE-2019-14312 Scanner
Detects 'Local File Inclusion (LFI)' vulnerability in Aptana Jaxer affects v. 1.0.3.4547.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month 1 day
Scan only one
URL
Toolbox
-
Aptana Jaxer is a versatile server-side JavaScript environment designed to streamline the development of web applications by providing an integrated set of tools for HTML, CSS, and JavaScript. It is used for building desktop and mobile web applications, server scripts, and web services. The platform was created to simplify web development, by supporting the complete cycle of web application development. Its latest version, Aptana Jaxer 1.0.3.4547, however, is not free from vulnerability.
The CVE-2019-14312 vulnerability, for instance, is a local file inclusion vulnerability that was recently detected in the Wikilite source code viewer of Aptana Jaxer 1.0.3.4547. This vulnerability enables remote attackers to gain access to server internal files through a tools/sourceViewer/index.html?filename=../ URI.
This vulnerability is a major security risk as it facilitates unauthorized access to internal files on the server, including executables and sensitive configuration files containing credentials and other sensitive information. As such, it can lead to severe security breaches that can result in data loss, system downtime or even financial losses, especially for businesses.
Thanks to the extensive pro features of s4e.io, readers of this article can easily and quickly learn about vulnerabilities in their digital assets. Our platform is designed to help businesses identify and address security risks promptly, to safeguard their systems and data from potential attacks. By subscribing to our platform, businesses can benefit from real-time alerts for vulnerabilities, advanced analytics and reporting, expert remediation advice, and 24/7 security support. We invite you to try out s4e.io and take control of your digital assets' security today.
REFERENCES