titanhq

Top products

The 15 most recently published vulnerabilities affecting titanhq.

• CVE-2020-35658SpamTitan before 7.09 allows attackers to tamper with backups, because backups are not encrypted.5.3Dec 23, 2020
• CVE-2020-24046A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. This ...7.2Sep 17, 2020
• CVE-2020-24045A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. The r...7.2Sep 17, 2020
• CVE-2020-11700An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter fname, used on the page certs-x.php, would allow an attacker to retrieve the contents of arbitrary files. The...6.5Sep 17, 2020
• CVE-2020-11699An issue was discovered in Titan SpamTitan 7.07. Improper validation of the parameter fname on the page certs-x.php would allow an attacker to execute remote code on the target server. The user has...8.8Sep 17, 2020
• CVE-2020-11698An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.c...9.8Sep 17, 2020
• CVE-2020-11804An issue was discovered in Titan SpamTitan 7.07. Due to improper sanitization of the parameter quid, used in the page mailqueue.php, code injection can occur. The input for this parameter is provid...8.8Sep 17, 2020
• CVE-2020-11803An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter jaction when interacting with the page mailqueue.php could lead to PHP code evaluation server-side, because t...8.8Sep 17, 2020
• CVE-2019-19021An issue was discovered in TitanHQ WebTitan before 5.18. It has a hidden support account (with a hard-coded password) in the web administration interface, with administrator privileges. Anybody can...9.8Dec 2, 2019
• CVE-2019-19020An issue was discovered in TitanHQ WebTitan before 5.18. In the administration web interface it is possible to upload a crafted backup file that enables an attacker to execute arbitrary code by ove...7.2Dec 2, 2019
• CVE-2019-19019An issue was discovered in TitanHQ WebTitan before 5.18. It contains a Remote Code Execution issue through which an attacker can execute arbitrary code as root. The issue stems from the hotfix down...7.5Dec 2, 2019
• CVE-2019-19018An issue was discovered in TitanHQ WebTitan before 5.18. It exposes a database configuration file under /include/dbconfig.ini in the web administration interface, revealing what database the web ap...2.7Dec 2, 2019
• CVE-2019-19017An issue was discovered in TitanHQ WebTitan before 5.18. The appliance has a hard-coded root password set during installation. An attacker could utilize this to gain root privileges on the system.8.1Dec 2, 2019
• CVE-2019-19016An issue was discovered in TitanHQ WebTitan before 5.18. Some functions, such as /history-x.php, of the administration interface are vulnerable to SQL Injection through the results parameter. This ...7.5Dec 2, 2019
• CVE-2019-19015An issue was discovered in TitanHQ WebTitan before 5.18. The proxy service (which is typically exposed to all users) allows connections to the internal PostgreSQL database of the appliance. By conn...9.8Dec 2, 2019