The document describes a SQL injection vulnerability in SpamTitan Application v5.08x, specifically in the 'viewmail.php' file with parameters 'qid' and 'rid'. The vulnerability allows remote attackers to execute blind SQL injection via an 'order by' technique.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:SpamTitan Application v5.08x
No auth needed
Prerequisites:Network access to the target application