Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
activecampaign vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1488
ActiveCampaign SupportTrio 2.5 allows remote malicious users to obtain the full path of the server via invalid (1) article or (2) print parameters in a kb action to index.php, or (3) an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message.
Activecampaign Supporttrio 2.50.2
NA
CVE-2005-4634
SQL injection vulnerability in index.php in ActiveCampaign SupportTrio 1.4 allows remote malicious users to execute arbitrary SQL commands via the page parameter. NOTE: the provenance of this information is unknown because the source URL is not available; the details are obtained...
Activecampaign Supporttrio 1.4
NA
CVE-2006-5919
PHP remote file inclusion vulnerability in admin/e_data/visEdit_control.class.php in ActiveCampaign KnowledgeBuilder 2.2 allows remote malicious users to execute arbitrary PHP code via a URL in the visEdit_root parameter, a different vector than CVE-2003-1131.
Activecampaign Knowledgebuilder 2.2
1 EDB exploit
NA
CVE-2006-1487
Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module.
Activecampaign Supporttrio 2.50.2
1 EDB exploit
NA
CVE-2005-3679
SQL injection vulnerability in admin/index.php in ActiveCampaign 1-2-All Broadcast Email allows remote malicious users to execute arbitrary SQL commands and bypass authentication via the username field in the admin control panel.
Activecampaign 1-2-all Broadcast Email 4.07
1 EDB exploit
NA
CVE-2024-32430
Server-Side Request Forgery (SSRF) vulnerability in ActiveCampaign.This issue affects ActiveCampaign: from n/a up to and including 8.1.14.
NA
CVE-2005-3830
index.php in ActiveCampaign SupportTrio 1.4 and previous versions allows remote malicious users to read or include arbitrary files via the page parameter, possibly due to a directory traversal vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2