Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
campaign vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-7847
Adobe Campaign Classic version 18.10.5-8984 and previous versions versions have an Improper Restriction of XML External Entity Reference ('XXE') vulnerability. Successful exploitation could lead to Arbitrary read access to the file system in the context of the current u...
Adobe Campaign
NA
CVE-2022-42343
Adobe Campaign version 7.3.1 (and previous versions) and 8.3.9 (and previous versions) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitr...
Adobe Campaign
5
CVSSv2
CVE-2019-7843
Adobe Campaign Classic version 18.10.5-8984 and previous versions versions have an Insufficient input validation vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
Adobe Campaign
4
CVSSv2
CVE-2012-3821
A Security Bypass vulnerability exists in the activate.asp page in Arial Software Campaign Enterprise 11.0.551, which could let a remote malicious user modify the SerialNumber field.
Arialsoftware Campaign Enterprise
5
CVSSv2
CVE-2012-3823
Arial Campaign Enterprise prior to 11.0.551 stores passwords in clear text and these may be retrieved.
Arialsoftware Campaign Enterprise
7.5
CVSSv2
CVE-2012-3820
Multiple SQL injection vulnerabilities in Campaign11.exe in Arial Software Campaign Enterprise prior to 11.0.551 allow remote malicious users to execute arbitrary SQL commands via the (1) SerialNumber field to activate.asp or (2) UID field to User-Edit.asp.
Arialsoftware Campaign Enterprise
5
CVSSv2
CVE-2012-3822
Arial Campaign Enterprise prior to 11.0.551 has unauthorized access to the User-Edit.asp page, which allows remote malicious users to enumerate users' credentials.
Arialsoftware Campaign Enterprise
5
CVSSv2
CVE-2012-3824
In Arial Campaign Enterprise prior to 11.0.551, multiple pages are accessible without authentication or authorization.
Arialsoftware Campaign Enterprise
NA
CVE-2023-38474
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Campaign Monitor Campaign Monitor for WordPress allows Reflected XSS.This issue affects Campaign Monitor for WordPress: from n/a up to and including 2.8.12.
Campaignmonitor Campaign Monitor
4.3
CVSSv2
CVE-2008-7092
Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote malicious users to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) PageName, and (3) title parameters in a CustomBookMarkLink action to Campaign/C...
Unica Affinium Campaign 7.2.1.0.55
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »