Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
activecampaign vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3829
index.php in ActiveCampaign KnowledgeBuilder 2.4 and previous versions allows remote malicious users to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed.
Activecampaign Knowledgebuilder 2.4
NA
CVE-2006-1487
Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module.
Activecampaign Supporttrio 2.50.2
1 EDB exploit
NA
CVE-2006-1488
ActiveCampaign SupportTrio 2.5 allows remote malicious users to obtain the full path of the server via invalid (1) article or (2) print parameters in a kb action to index.php, or (3) an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message.
Activecampaign Supporttrio 2.50.2
NA
CVE-2005-4634
SQL injection vulnerability in index.php in ActiveCampaign SupportTrio 1.4 allows remote malicious users to execute arbitrary SQL commands via the page parameter. NOTE: the provenance of this information is unknown because the source URL is not available; the details are obtained...
Activecampaign Supporttrio 1.4
NA
CVE-2005-3679
SQL injection vulnerability in admin/index.php in ActiveCampaign 1-2-All Broadcast Email allows remote malicious users to execute arbitrary SQL commands and bypass authentication via the username field in the admin control panel.
Activecampaign 1-2-all Broadcast Email 4.07
1 EDB exploit
NA
CVE-2024-32430
Server-Side Request Forgery (SSRF) vulnerability in ActiveCampaign.This issue affects ActiveCampaign: from n/a up to and including 8.1.14.
NA
CVE-2005-3830
index.php in ActiveCampaign SupportTrio 1.4 and previous versions allows remote malicious users to read or include arbitrary files via the page parameter, possibly due to a directory traversal vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2