Unrated severityNVD Advisory· Published Jul 3, 2014· Updated May 6, 2026
CVE-2014-2965
CVE-2014-2965
Description
Cross-site scripting (XSS) vulnerability in auth-settings-x.php in SpamTitan before 6.04 allows remote attackers to inject arbitrary web script or HTML via the sortdir parameter.
Affected products
12cpe:2.3:a:spamtitan:spamtitan:*:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:spamtitan:spamtitan:*:*:*:*:*:*:*:*range: <=6.03
- cpe:2.3:a:spamtitan:spamtitan:5.04:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.05:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.06:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.07:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.08:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.10:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.11:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.12:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.13:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:6.00:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:6.01:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.kb.cert.org/vuls/id/849500nvdThird Party AdvisoryUS Government Resource
- packetstormsecurity.com/files/127184/SpamTitan-6.01-Cross-Site-Scripting.htmlnvd
- seclists.org/fulldisclosure/2014/Jun/113nvd
- www.securityfocus.com/bid/68143nvd
News mentions
0No linked articles in our index yet.