Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbBhs_teamEDB-ID:26501
HistoryNov 12, 2005 - 12:00 a.m.

ActiveCampaign 1-2-All Broadcast Email 4.0 - Admin Control Panel 'Username' SQL Injection

2005-11-1200:00:00
bhs_team
www.exploit-db.com
14

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/15400/info

ActiveCampaign 1-2-All Broadcast Email is prone to an SQL-injection vulnerability. This is an input-validation issue related to data that will be used in SQL queries, allowing a remote user to influence the structure and logic of a query.

Successful attacks could compromise the software. Depending on the database implementation and the nature of the affected query, the attacker may be able to gain unauthorized access to the database. 

http://www.example.com/[12allTarget]/admin/index.php

Username: ' or 1=1 /*
Password: (Nothing)(Blank)

Related

cve 1
nvd 1
checkpoint_advisories 1
cvelist 1
cve
cve
CVE-2005-3679
2005-11-18 23:03:00
nvd
nvd
CVE-2005-3679
2005-11-18 23:03:00
checkpoint_advisories
checkpoint_advisories
ActiveCampaign 1-2-All Broadcast Email sername Parameter SQL Injection - Ver2 (CVE-2005-3679)
2014-03-31 00:00:00
cvelist
cvelist
CVE-2005-3679
2005-11-18 23:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:26501
cve1nvd1checkpoint_advisories1cvelist1