Spamtitan Webtitan vulnerabilities
3 known vulnerabilities affecting spamtitan/webtitan.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2011-4640P4MEDIUMCVSS 4.0PoC≤ 3.502012-10-08
CVE-2011-4640 [MEDIUM] CWE-22 CVE-2011-4640: Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote auth
Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the fname parameter in a view action.
nvd
CVE-2011-4638P3HIGHCVSS 7.5≤ 3.502012-10-08
CVE-2011-4638 [HIGH] CWE-89 CVE-2011-4638: Multiple SQL injection vulnerabilities in SpamTitan WebTitan before 3.60 allow remote attackers to e
Multiple SQL injection vulnerabilities in SpamTitan WebTitan before 3.60 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login-x.php, and allow remote authenticated users to execute arbitrary SQL commands via the (2) bldomain, (3) wldomain, or (4) temid parameter to urls-x.php.
nvd
CVE-2011-4639P4MEDIUMCVSS 6.5≤ 3.502012-10-08
CVE-2011-4639 [MEDIUM] CWE-94 CVE-2011-4639: The (1) Traceroute and (2) Ping implementations in tools.php in SpamTitan WebTitan before 3.60 allow
The (1) Traceroute and (2) Ping implementations in tools.php in SpamTitan WebTitan before 3.60 allow remote authenticated users to execute arbitrary commands via shell metacharacters in an argument, as demonstrated by an && (ampersand ampersand) sequence.
nvd