EUVD-2020-4146
Malware in sbrugna...
CVE-2020-11700
An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter fname, used on the page certs-x.php, would allow an attacker to retrieve the contents of arbitrary files. The user has to be authenticated before interacting with this page...
Design/Logic Flaw
An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter fname, used on the page certs-x.php, would allow an attacker to retrieve the contents of arbitrary files. The user has to be authenticated before interacting with this page...
CVE-2020-24046
A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. This restricted shell can be bypassed after changing the properties of the user admin in the operating...
CVE-2020-11700
An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter fname, used on the page certs-x.php, would allow an attacker to retrieve the contents of arbitrary files. The user has to be authenticated before interacting with this page...
CVE-2020-11700
Titan SpamTitan 7.07 contains an arbitrary file-read vulnerability in certs-x.php caused by improper sanitization of the fname parameter. An authenticated attacker can retrieve contents of arbitrary files. Connected sources (Red Hat, CNVD, CVE records) corroborate the issue and page/certs-x.php c...
CVE-2020-11699
CVE-2020-11699 affects Titan SpamTitan 7.07. The issue is improper validation of the fname parameter on certs-x.php, enabling remote code execution on the target server when an authenticated user interacts with that page. Documented impact indicates attacker-controlled input could trigger code ex...
CVE-2007-3324
Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart 7.07 allow remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter to (1) comersus_customerAuthenticateForm.asp or (2) comersus_message.asp, different vectors than CVE-2004-0681...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart 7.07 allow remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter to (1) comersus_customerAuthenticateForm.asp or (2) comersus_message.asp, different vectors than CVE-2004-0681...
CVE-2007-3324
CVE-2007-3324 documents multiple XSS vulnerabilities in Comersus Cart 7.07, enabling remote attackers to inject arbitrary script or HTML via the redirectUrl parameter to comersus_customerAuthenticateForm.asp or comersus_message.asp. The description notes these are different vectors than CVE-2004-...
csc-sqlxss.txt
--- Comersus Shop Cart 7.07 SQL Injection & XSS Comersus is an active server pages asp software for running shopping stores, integrated with the rest of your web site. Comersus ASP Cart is free and IT CAN BE used for commercial purposes. An attacker may leverage this issue to have arbitrary scrip...