3 matches found
CVE-2020-11699
An issue was discovered in Titan SpamTitan 7.07. Improper validation of the parameter fname on the page certs-x.php would allow an attacker to execute remote code on the target server. The user has to be authenticated before interacting with this page...
SpamTitan 7.07 - Remote Code Execution (Authenticated)
Exploit Title: SpamTitan 7.07 - Remote Code Execution Authenticated Date: 2020-09-18 Exploit Author: Felipe Molina @felmoltor Vendor Homepage: https://www.titanhq.com/spamtitan/spamtitangateway/ Software Link: https://www.titanhq.com/signup/?producttype=spamtitangateway Version: 7.07 Tested on:...
CVE-2020-11699
CVE-2020-11699 affects Titan SpamTitan 7.07. The issue is improper validation of the fname parameter on certs-x.php, enabling remote code execution on the target server when an authenticated user interacts with that page. Documented impact indicates attacker-controlled input could trigger code ex...