An issue was discovered in TitanHQ WebTitan before 5.18. In the administration web interface it is possible to upload a crafted backup file that enables an attacker to execute arbitrary code by overwriting existing files or adding new PHP files under the web root. This requires the attacker to have access to a valid web interface account.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-12-02T16:54:40
Updated: 2024-08-05T02:02:39.821Z
Reserved: 2019-11-17T00:00:00
Link: CVE-2019-19020
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-12-02T17:15:13.060
Modified: 2024-11-21T04:34:00.607
Link: CVE-2019-19020
Redhat
No data.