SQL Injection Vulnerability in TitanHQ WebTitan Administration Interface

SQL Injection Vulnerability in TitanHQ WebTitan Administration Interface

CVE-2019-19016 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An issue was discovered in TitanHQ WebTitan before 5.18. Some functions, such as /history-x.php, of the administration interface are vulnerable to SQL Injection through the results parameter. This could be used by an attacker to extract sensitive information from the appliance database.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.