Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
activecampaign activecampaign vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-4634
SQL injection vulnerability in index.php in ActiveCampaign SupportTrio 1.4 allows remote malicious users to execute arbitrary SQL commands via the page parameter. NOTE: the provenance of this information is unknown because the source URL is not available; the details are obtained...
Activecampaign Supporttrio 1.4
7.5
CVSSv2
CVE-2006-5919
PHP remote file inclusion vulnerability in admin/e_data/visEdit_control.class.php in ActiveCampaign KnowledgeBuilder 2.2 allows remote malicious users to execute arbitrary PHP code via a URL in the visEdit_root parameter, a different vector than CVE-2003-1131.
Activecampaign Knowledgebuilder 2.2
1 EDB exploit
5
CVSSv2
CVE-2006-1488
ActiveCampaign SupportTrio 2.5 allows remote malicious users to obtain the full path of the server via invalid (1) article or (2) print parameters in a kb action to index.php, or (3) an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message.
Activecampaign Supporttrio 2.50.2
4.3
CVSSv2
CVE-2006-1487
Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module.
Activecampaign Supporttrio 2.50.2
1 EDB exploit
7.5
CVSSv2
CVE-2005-3679
SQL injection vulnerability in admin/index.php in ActiveCampaign 1-2-All Broadcast Email allows remote malicious users to execute arbitrary SQL commands and bypass authentication via the username field in the admin control panel.
Activecampaign 1-2-all Broadcast Email 4.07
1 EDB exploit
NA
CVE-2024-32430
Server-Side Request Forgery (SSRF) vulnerability in ActiveCampaign.This issue affects ActiveCampaign: from n/a up to and including 8.1.14.
5
CVSSv2
CVE-2005-3830
index.php in ActiveCampaign SupportTrio 1.4 and previous versions allows remote malicious users to read or include arbitrary files via the page parameter, possibly due to a directory traversal vulnerability.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2