Spamtitan@7.07 Security Vulnerabilities and Issues — Spamtitan@7.07 CVE List

Lucene search

TitanhqSpamtitan7.07

7 matches found

CVE•added 2020/09/17 5:15 p.m.•102 views

CVE-2020-11699

An issue was discovered in Titan SpamTitan 7.07. Improper validation of the parameter fname on the page certs-x.php would allow an attacker to execute remote code on the target server. The user has to be authenticated before interacting with this page.

9CVSS8.8AI score0.16879EPSS

CVE•added 2020/09/17 5:15 p.m.•67 views

CVE-2020-11698

An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf that would allow executing commands on the target server.

10CVSS9.3AI score0.83123EPSS

CVE•added 2020/09/17 5:15 p.m.•59 views

CVE-2020-11804

An issue was discovered in Titan SpamTitan 7.07. Due to improper sanitization of the parameter quid, used in the page mailqueue.php, code injection can occur. The input for this parameter is provided directly by an authenticated user via an HTTP GET request.

8.8CVSS8.7AI score0.05736EPSS

CVE•added 2020/09/17 5:15 p.m.•58 views

CVE-2020-11700

An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter fname, used on the page certs-x.php, would allow an attacker to retrieve the contents of arbitrary files. The user has to be authenticated before interacting with this page.

6.5CVSS6.8AI score0.12111EPSS

CVE•added 2020/09/17 5:15 p.m.•48 views

CVE-2020-11803

An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter jaction when interacting with the page mailqueue.php could lead to PHP code evaluation server-side, because the user-provided input is passed directly to the php eval() function. The user has to be authenticated...

8.8CVSS8.6AI score0.05012EPSS

CVE•added 2020/09/17 5:15 p.m.•36 views

CVE-2020-24045

A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. The restricted shell can be bypassed by presenting a fake vmware-tools ISO image to the guest virtual machi...

9CVSS7AI score0.01167EPSS

CVE•added 2020/09/17 5:15 p.m.•32 views

CVE-2020-24046

A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. This restricted shell can be bypassed after changing the properties of the user admin in the operating syst...

9CVSS6.8AI score0.03565EPSS