Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
campaign vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-7850
Adobe Campaign Classic version 18.10.5-8984 and previous versions versions have a Command injection vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
Adobe Campaign
1 Article
7.5
CVSSv3
CVE-2019-7941
Adobe Campaign Classic version 18.10.5-8984 and previous versions versions have an Information Exposure Through an Error Message vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
Adobe Campaign
7.5
CVSSv3
CVE-2021-40745
Adobe Campaign version 21.2.1 (and previous versions) is affected by a Path Traversal vulnerability that could lead to reading arbitrary server files. By leveraging an exposed XML file, an unauthenticated attacker can enumerate other files on the server.
Adobe Campaign
NA
CVE-2012-3820
Multiple SQL injection vulnerabilities in Campaign11.exe in Arial Software Campaign Enterprise prior to 11.0.551 allow remote malicious users to execute arbitrary SQL commands via the (1) SerialNumber field to activate.asp or (2) UID field to User-Edit.asp.
Arialsoftware Campaign Enterprise
4.3
CVSSv3
CVE-2012-3821
A Security Bypass vulnerability exists in the activate.asp page in Arial Software Campaign Enterprise 11.0.551, which could let a remote malicious user modify the SerialNumber field.
Arialsoftware Campaign Enterprise
7.5
CVSSv3
CVE-2012-3822
Arial Campaign Enterprise prior to 11.0.551 has unauthorized access to the User-Edit.asp page, which allows remote malicious users to enumerate users' credentials.
Arialsoftware Campaign Enterprise
7.5
CVSSv3
CVE-2012-3823
Arial Campaign Enterprise prior to 11.0.551 stores passwords in clear text and these may be retrieved.
Arialsoftware Campaign Enterprise
7.5
CVSSv3
CVE-2012-3824
In Arial Campaign Enterprise prior to 11.0.551, multiple pages are accessible without authentication or authorization.
Arialsoftware Campaign Enterprise
6.1
CVSSv3
CVE-2023-38474
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Campaign Monitor Campaign Monitor for WordPress allows Reflected XSS.This issue affects Campaign Monitor for WordPress: from n/a up to and including 2.8.12.
Campaignmonitor Campaign Monitor
NA
CVE-2008-7092
Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote malicious users to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) PageName, and (3) title parameters in a CustomBookMarkLink action to Campaign/C...
Unica Affinium Campaign 7.2.1.0.55
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »