2 matches found
SpamTitan 7.07 - Remote Code Execution (Authenticated)
Exploit Title: SpamTitan 7.07 - Remote Code Execution Authenticated Date: 2020-09-18 Exploit Author: Felipe Molina @felmoltor Vendor Homepage: https://www.titanhq.com/spamtitan/spamtitangateway/ Software Link: https://www.titanhq.com/signup/?producttype=spamtitangateway Version: 7.07 Tested on:...
CVE-2020-11804
CVE-2020-11804 concerns Titan SpamTitan 7.07, where an issue arises from improper sanitization of the quid parameter in mailqueue.php. The parameter is supplied directly by an authenticated user via HTTP GET, potentially allowing code injection. Connected sources corroborate the vulnerability in ...