2 matches found
SpamTitan 7.07 - Remote Code Execution (Authenticated)
Exploit Title: SpamTitan 7.07 - Remote Code Execution Authenticated Date: 2020-09-18 Exploit Author: Felipe Molina @felmoltor Vendor Homepage: https://www.titanhq.com/spamtitan/spamtitangateway/ Software Link: https://www.titanhq.com/signup/?producttype=spamtitangateway Version: 7.07 Tested on:...
CVE-2020-11700
Titan SpamTitan 7.07 contains an arbitrary file-read vulnerability in certs-x.php caused by improper sanitization of the fname parameter. An authenticated attacker can retrieve contents of arbitrary files. Connected sources (Red Hat, CNVD, CVE records) corroborate the issue and page/certs-x.php c...