Описание
An issue was discovered in Titan SpamTitan 7.07. Due to improper sanitization of the parameter quid, used in the page mailqueue.php, code injection can occur. The input for this parameter is provided directly by an authenticated user via an HTTP GET request.
Ссылки
- ExploitThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:titanhq:spamtitan:7.07:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05736
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
около 3 лет назад
An issue was discovered in Titan SpamTitan 7.07. Due to improper sanitization of the parameter quid, used in the page mailqueue.php, code injection can occur. The input for this parameter is provided directly by an authenticated user via an HTTP GET request.
EPSS
Процентиль: 90%
0.05736
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-94