11 matches found
CVE-2024-45438
An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8.01.x before 8.01.14. The file quarantine.php within the SpamTitan interface allows unauthenticated users to trigger account-level actions using a crafted GET request. Notably, when a non-existent emai...
CVE-2024-45438
An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8.01.x before 8.01.14. The file quarantine.php within the SpamTitan interface allows unauthenticated users to trigger account-level actions using a crafted GET request. Notably, when a non-existent emai...
CVE-2020-11698
An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf that would allow executing commands on the target server...
CVE-2020-35658
SpamTitan before 7.09 allows attackers to tamper with backups, because backups are not encrypted...
Copperfasten Technologies TitanHQ SpamTitan Encryption Issue Vulnerability
Copperfasten Technologies TitanHQ SpamTitan is a spam filter from Copperfasten Technologies, Ireland. The product blocks email threats such as spam, viruses, malware, ransomware and phishing. A security vulnerability exists in SpamTitan versions prior to 7.09, which stems from a vulnerability tha...
SpamTitan Code Injection Vulnerability (CNVD-2020-52877)
SpamTitan is an anti-spam solution from C/o Copperfasten, Ireland. The solution is characterized by easy installation and simple configuration. A code injection vulnerability exists in SpamTitan 7.07. The vulnerability stems from improper validation of the jaction parameter in mailqueue.php. An...
CVE-2020-24046
A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. This restricted shell can be bypassed after changing the properties of the user admin in the operating...
CVE-2020-11804
An issue was discovered in Titan SpamTitan 7.07. Due to improper sanitization of the parameter quid, used in the page mailqueue.php, code injection can occur. The input for this parameter is provided directly by an authenticated user via an HTTP GET request...
CVE-2020-24045
A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. The restricted shell can be bypassed by presenting a fake vmware-tools ISO image to the guest virtual...
CVE-2020-11700
An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter fname, used on the page certs-x.php, would allow an attacker to retrieve the contents of arbitrary files. The user has to be authenticated before interacting with this page...
CVE-2020-11698
An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf that would allow executing commands on the target server...