CVE-2008-5055

2008-11-1311:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.2%

JSON

SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to execute arbitrary SQL commands via the department_id parameter to index.php.

References

activecampaign.com/support/forum/showthread.php?t=4554

holisticinfosec.org/content/view/93/45/

osvdb.org/49825

secunia.com/advisories/32703

www.securityfocus.com/bid/32268

www.vupen.com/english/advisories/2008/3125

exchange.xforce.ibmcloud.com/vulnerabilities/46557