An issue was discovered in TitanHQ WebTitan before 5.18. In the administration web interface it is possible to upload a crafted backup file that enables an attacker to execute arbitrary code by overwriting existing files or adding new PHP files under the web root. This requires the attacker to have access to a valid web interface account.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-12-02T16:54:40

Updated: 2024-08-05T02:02:39.821Z

Reserved: 2019-11-17T00:00:00

Link: CVE-2019-19020

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-12-02T17:15:13.060

Modified: 2024-11-21T04:34:00.607

Link: CVE-2019-19020

cve-icon Redhat

No data.