S4E

CVE-2019-14312 Scanner

Detects 'Local File Inclusion (LFI)' vulnerability in Aptana Jaxer affects v. 1.0.3.4547.

Short Info


Level

Medium

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

1 month 1 day

Scan only one

URL

Toolbox

-

Aptana Jaxer is a versatile server-side JavaScript environment designed to streamline the development of web applications by providing an integrated set of tools for HTML, CSS, and JavaScript. It is used for building desktop and mobile web applications, server scripts, and web services. The platform was created to simplify web development, by supporting the complete cycle of web application development. Its latest version, Aptana Jaxer 1.0.3.4547, however, is not free from vulnerability.

The CVE-2019-14312 vulnerability, for instance, is a local file inclusion vulnerability that was recently detected in the Wikilite source code viewer of Aptana Jaxer 1.0.3.4547. This vulnerability enables remote attackers to gain access to server internal files through a tools/sourceViewer/index.html?filename=../ URI.

This vulnerability is a major security risk as it facilitates unauthorized access to internal files on the server, including executables and sensitive configuration files containing credentials and other sensitive information. As such, it can lead to severe security breaches that can result in data loss, system downtime or even financial losses, especially for businesses.

Thanks to the extensive pro features of s4e.io, readers of this article can easily and quickly learn about vulnerabilities in their digital assets. Our platform is designed to help businesses identify and address security risks promptly, to safeguard their systems and data from potential attacks. By subscribing to our platform, businesses can benefit from real-time alerts for vulnerabilities, advanced analytics and reporting, expert remediation advice, and 24/7 security support. We invite you to try out s4e.io and take control of your digital assets' security today.

 

REFERENCES

Get started to protecting your Free Full Security Scan