4 matches found
WebTitan < 3.60 - Local File Inclusion
Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote authenticated users to read arbitrary files via a .. dot dot in the fname parameter in a view action. id: CVE-2011-4640 info: name: WebTitan 3.60 - Local File Inclusion author: ctflearner severity:...
CVE-2014-4306
Directory traversal vulnerability in logs-x.php in WebTitan before 4.04 allows remote attackers to read arbitrary files via a .. dot dot in the logfile parameter in a download action...
CVE-2014-4306
CVE-2014-4306 affects WebTitan (logs-x.php) prior to 4.04, where a directory traversal via the logfile parameter in a download action allows remote attackers to read arbitrary files by using .. in the request. This is confirmed across multiple sources (Red Hat, NVD, OpenVAS reference), tying the ...
CVE-2011-4640
Summary (CVE-2011-4640): A local file inclusion in WebTitan/SpamTitan prior to version 3.60 via logs-x.php (fname parameter in the view action) allows remote authenticated users to read arbitrary files by crafting a dot-dot (“..”) path. The Nuclei template confirms the vulnerability class and aff...