First published: Thu Sep 17 2020(Updated: )
An issue was discovered in Titan SpamTitan 7.07. Improper validation of the parameter fname on the page certs-x.php would allow an attacker to execute remote code on the target server. The user has to be authenticated before interacting with this page.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
TitanHQ SpamTitan | =7.07 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2020-11699 is critical with a CVSS score of 8.8.
CVE-2020-11699 affects Titan SpamTitan version 7.07.
The CWE of CVE-2020-11699 is CWE-78.
An attacker can exploit CVE-2020-11699 by executing remote code on the target server after improper validation of the parameter fname on the page certs-x.php.
Yes, user authentication is required before interacting with the page where the vulnerability occurs.