An issue exists in TitanHQ WebTitan prior to 5.18. In the administration web interface it is possible to upload a crafted backup file that enables an malicious user to execute arbitrary code by overwriting existing files or adding new PHP files under the web root. This requires the malicious user to have access to a valid web interface account.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
titanhq webtitan |