Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
campaign vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2008-7093
Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote malicious users to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new folder functionality or (2) list arbitrary files via a crafted request to ...
Unica Affinium Campaign 7.2.1.0.55
445
VMScore
CVE-2008-7094
Campaign/CampaignListener in the listener server in Unica Affinium Campaign 7.2.1.0.55 allows remote malicious users to cause a denial of service (server crash) via a crafted length field that triggers (1) connection exhaustion or (2) memory allocation failure.
Unica Affinium Campaign 7.2.1.0.55
481
VMScore
CVE-2014-7000
The Paul Alexander Campaign (aka hr.apps.n51261427) application 4.5.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Paulalexanderformayor Paul Alexander Campaign 4.5.8
NA
CVE-2023-5098
The Campaign Monitor Forms by Optin Cat WordPress plugin prior to 2.5.6 does not prevent users with low privileges (like subscribers) from overwriting any options on a site with the string "true", which could lead to a variety of outcomes, including DoS.
Fatcatapps Campaign Monitor Optin Cat
383
VMScore
CVE-2013-3263
Multiple cross-site scripting (XSS) vulnerabilities in the WP Ultimate Email Marketer plugin 1.1.0 and possibly earlier for Wordpress allow remote malicious users to inject arbitrary web script or HTML via the (1) siteurl parameter to campaign/campaignone.php; the (2) action, (3)...
Smackcoders Wp Ultimate Email Marketer Plugin
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.3
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.2
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.1
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.0
383
VMScore
CVE-2022-1407
The VikBooking Hotel Booking Engine & PMS WordPress plugin prior to 1.5.8 does not have CSRF check in place when adding a tracking campaign, and does not escape the campaign fields when outputting them In attributes. As a result, attackers could make a logged in admin add tra...
Vikwp Hotel Booking Engine \\& Pms
578
VMScore
CVE-2017-6576
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/campaign-delete.php with the GET Parameter: id.
Mail-masta Project Mail-masta 1.0
580
VMScore
CVE-2017-6570
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign-list.php with the GET Parameter: id.
Mail-masta Project Mail-masta 1.0
312
VMScore
CVE-2020-36398
A stored cross site scripting (XSS) vulnerability in phplist 3.5.4 and below allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the "Campaign" field under the "Send a campaign" module.
Phplist Phplist
570
VMScore
CVE-2013-3264
The WP Ultimate Email Marketer plugin 1.1.0 and possibly earlier for Wordpress does not properly restrict access to (1) list/edit.php and (2) campaign/editCampaign.php, which allows remote malicious users to modify list or campaign data.
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.3
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.2
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.1
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.0
Smackcoders Wp Ultimate Email Marketer Plugin
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »