EUVD-2012-3767

Malware in sbrugna...

EUVD-2012-3768

Malware in sbrugna...

CVE-2012-3821

A Security Bypass vulnerability exists in the activate.asp page in Arial Software Campaign Enterprise 11.0.551, which could let a remote malicious user modify the SerialNumber field...

CVE-2012-3821

A Security Bypass vulnerability exists in the activate.asp page in Arial Software Campaign Enterprise 11.0.551, which could let a remote malicious user modify the SerialNumber field...

CVE-2012-3821

CVE-2012-3821 affects Arial Software Campaign Enterprise prior to or up to version 11.0.551, with a Security Bypass in the activate.asp page that could allow a remote attacker to modify the SerialNumber field. The trusted impact stated in sources is that this bypass enables unauthorized modificat...

CVE-2012-3820

Multiple SQL injection vulnerabilities in Campaign11.exe in Arial Software Campaign Enterprise before 11.0.551 allow remote attackers to execute arbitrary SQL commands via the 1 SerialNumber field to activate.asp or 2 UID field to User-Edit.asp...

CVE-2012-3820

CVE-2012-3820 affects Arial Software Campaign Enterprise prior to 11.0.551. The vulnerability is multiple SQL injections in Campaign11.exe allowing an attacker to inject SQL via (1) SerialNumber to activate.asp or (2) UID to User-Edit.asp. Connections across sources confirm remote exploitation an...

CVE-2012-3820

Multiple SQL injection vulnerabilities in Campaign11.exe in Arial Software Campaign Enterprise before 11.0.551 allow remote attackers to execute arbitrary SQL commands via the 1 SerialNumber field to activate.asp or 2 UID field to User-Edit.asp...

Campaign Enterprise 11.0.421 SQLi Vulnerability

No description provided by source. Exploit Title: Campaign Enterprise 11.0.421 SQLi Vulnerability Author: Craig Freyman @cd1zz Date Discovered: 12/12/2011 Vendor Site: http://www.arialsoftware.com Vendor Notified: 1/19/2012 Vendor Fixed: 1/30/2012 Version 11.0.512 Description: The SID parameter i...