WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting

The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting issues. id: CVE-2021-24435 info: name: WordPress Titan Framework plugin =...

EUVD-2019-19961

NetNumber Titan Master 7.9.1 contains a path traversal vulnerability in the drp endpoint that allows authenticated users to download arbitrary files by injecting directory traversal sequences. Attackers can manipulate the path parameter with base64-encoded payloads containing ../ sequences to...

CVE-2019-25610

NetNumber Titan Master 7.9.1 contains a path traversal vulnerability in the drp endpoint that allows authenticated users to download arbitrary files by injecting directory traversal sequences. Attackers can manipulate the path parameter with base64-encoded payloads containing ../ sequences to...

CVE-2019-25610

NetNumber Titan Master 7.9.1 contains a path traversal vulnerability in the drp endpoint that allows authenticated users to download arbitrary files by injecting directory traversal sequences. Attackers can manipulate the path parameter with base64-encoded payloads containing ../ sequences to...

CVE-2019-25610

NetNumber Titan Master 7.9.1 contains a path traversal vulnerability in the drp endpoint that allows authenticated users to download arbitrary files by injecting directory traversal sequences. An attacker can manipulate the path parameter with base64-encoded payloads containing ../ sequences to b...

CVE-2019-25610 NetNumber Titan Master 7.9.1 Path Traversal via drp

NetNumber Titan Master 7.9.1 contains a path traversal vulnerability in the drp endpoint that allows authenticated users to download arbitrary files by injecting directory traversal sequences. Attackers can manipulate the path parameter with base64-encoded payloads containing ../ sequences to...

CVE-2019-25610 NetNumber Titan Master 7.9.1 Path Traversal via drp

NetNumber Titan Master 7.9.1 contains a path traversal vulnerability in the drp endpoint that allows authenticated users to download arbitrary files by injecting directory traversal sequences. Attackers can manipulate the path parameter with base64-encoded payloads containing ../ sequences to...

NetNumber Titan Master 路径遍历漏洞

NetNumber Titan Master is a number management platform developed by the American company NetNumber. The version 7.9.1 of NetNumber Titan Master contains a path traversal vulnerability. This vulnerability stems from the drp endpoint’s lack of protection against path traversal, allowing authenticat...

Elysium-Vanguard-Honor-Tool-Kit

🌌 Elysium Vanguard Honor Tool Kit: TITAN v13.0 Hardware-B...

ElysiumVanguard

🌌 Elysium Vanguard: TITAN v13.0 Hardware-Bridged Kernel E...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via improper validation in the SeekableOutputStream process. An attacker can cause memory corruption or execute arbitrary code by providing specially crafted PNG files. Remediation A fix was pushed into th...

CVE-2021-0453

In the Titan-M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2021-0450

In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2021-0449

In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-53893

Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in the job callback URL parameter that allows attackers to bypass network restrictions. Attackers can exploit the unvalidated parameter to initiate file, service, and network enumeration by forcing the...

CVE-2023-53893

Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in the job callback URL parameter that allows attackers to bypass network restrictions. Attackers can exploit the unvalidated parameter to initiate file, service, and network enumeration by forcing the...

CVE-2023-53893 Ateme TITAN File 3.9 Authenticated Server-Side Request Forgery Vulnerability

Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in the job callback URL parameter that allows attackers to bypass network restrictions. Attackers can exploit the unvalidated parameter to initiate file, service, and network enumeration by forcing the...

CVE-2023-53893 Ateme TITAN File 3.9 Authenticated Server-Side Request Forgery Vulnerability

Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in the job callback URL parameter that allows attackers to bypass network restrictions. Attackers can exploit the unvalidated parameter to initiate file, service, and network enumeration by forcing the...

CVE-2023-53893

Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery (SSRF) in the job callback URL parameter, enabling an attacker to bypass network restrictions and force the application to make HTTP, DNS, or file requests to arbitrary destinations for enumeration. Affected component...

PT-2025-51311

Name of the Vulnerable Software and Affected Versions Ateme TITAN File version 3.9.12.4 Description The software contains an authenticated server-side request forgery issue in the job callback URL parameter. This allows attackers to bypass network restrictions. Exploitation involves an unvalidate...