WebTitan < 3.60 - Local File Inclusion

Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote authenticated users to read arbitrary files via a .. dot dot in the fname parameter in a view action. id: CVE-2011-4640 info: name: WebTitan 3.60 - Local File Inclusion author: ctflearner severity:...

EUVD-2020-4146

Malware in sbrugna...

EUVD-2020-16782

Malware in sbrugna...

EUVD-2011-5049

Malware in sbrugna...

EUVD-2018-7016

Malware in sbrugna...

EUVD-2019-16356

Malware in sbrugna...

EUVD-2011-4556

Malware in sbrugna...

EUVD-2020-23321

Malware in sbrugna...

EUVD-2011-4557

Malware in sbrugna...

EUVD-2011-5050

Malware in sbrugna...

EUVD-2020-16781

Malware in sbrugna...

EUVD-2020-4145

Malware in sbrugna...

EUVD-2014-2987

Malware in sbrugna...

EUVD-2024-54897

Malicious code in bioql PyPI...

CVE-2024-45438

TitanHQ SpamTitan Email Security Gateway contains a vulnerability in the quarantine.php interface that allows unauthenticated users to trigger account-level actions by crafting a GET request. If the email parameter uses a non-existent address, the system may create a user record and attach quaran...

TitanHQ SpamTitan Email Security Gateway 安全漏洞

TitanHQ SpamTitan Email Security Gateway is an email security gateway from TitanHQ Ireland. A security vulnerability exists in TitanHQ SpamTitan Email Security Gateway versions 8.00.x prior to 8.00.101 and 8.01.x prior to 8.01.14, which stems from a vulnerability in quarantine.php that allows an...

CVE-2024-45438

An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8.01.x before 8.01.14. The file quarantine.php within the SpamTitan interface allows unauthenticated users to trigger account-level actions using a crafted GET request. Notably, when a non-existent emai...

PT-2025-34239

Name of the Vulnerable Software and Affected Versions: SpamTitan Email Security Gateway versions 8.00.0 through 8.00.100 SpamTitan Email Security Gateway versions 8.01.0 through 8.01.13 Description: The quarantine.php file within the SpamTitan interface allows unauthenticated users to trigger...

CVE-2020-11700

An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter fname, used on the page certs-x.php, would allow an attacker to retrieve the contents of arbitrary files. The user has to be authenticated before interacting with this page...

CVE-2020-11804

An issue was discovered in Titan SpamTitan 7.07. Due to improper sanitization of the parameter quid, used in the page mailqueue.php, code injection can occur. The input for this parameter is provided directly by an authenticated user via an HTTP GET request...