Vulnerability Details CVE-2019-19016
An issue was discovered in TitanHQ WebTitan before 5.18. Some functions, such as /history-x.php, of the administration interface are vulnerable to SQL Injection through the results parameter. This could be used by an attacker to extract sensitive information from the appliance database.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-19016
-
cpe:2.3:a:titanhq:webtitan:5.12
-
cpe:2.3:a:titanhq:webtitan:5.13
-
cpe:2.3:a:titanhq:webtitan:5.14
-
cpe:2.3:a:titanhq:webtitan:5.15
-
cpe:2.3:a:titanhq:webtitan:5.16
-
cpe:2.3:a:titanhq:webtitan:5.17