26 matches found
EUVD-2005-3825
Malware in sbrugna...
EUVD-2006-0973
Malware in sbrugna...
EUVD-2005-4629
Malware in sbrugna...
EUVD-2006-1492
Malware in sbrugna...
ActiveCampaign SupportTrio 2.50.2 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. ActiveCampaign SupportTrio is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in t...
Cross site scripting
Cross-site scripting XSS vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module...
CVE-2006-1487
Cross-site scripting XSS vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module...
CVE-2006-1488
ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the full path of the server via invalid 1 article or 2 print parameters in a kb action to index.php, or 3 an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message...
CVE-2006-1488
ActiveCampaign SupportTrio 2.5 is affected. The issue exposes the server’s full path via error messages when handling (1) invalid article or (2) invalid print parameters in a kb action to index.php, or (3) an invalid category parameter to modules/KB/pdf.php. Root cause: error messages leak path i...
CVE-2006-1487
CVE-2006-1487 describes a Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2. The flaw allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module. The NVD reports a CVSS2 base score of 4.3 (MEDIUM) with N...
CVE-2006-1488
ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the full path of the server via invalid 1 article or 2 print parameters in a kb action to index.php, or 3 an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message...
CVE-2006-1487
Cross-site scripting XSS vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module...
ActiveCampaign SupportTrio 2.5 vuln.
ActiveCampaign SupportTrio 2.5 vuln. Vuln. discovered by : r0t Date: 28 march 2006 vendor:http://www.activecampaign.com/ affected versions: 2.50.2 orginal advisory:http://pridels.blogspot.com/2006/03/activecampaign-supporttrio-25-vuln.html Vuln. description: ActiveCampaign SupportTrio contains a...
ActiveCampaign SupportTrio 2.50.2 - Multiple Cross-Site Scripting Vulnerabilities
ActiveCampaign SupportTrio 2.50.2 - Multiple Cross-Site Scripting Vulnerabilities ActiveCampaign SupportTrio is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these...
ActiveCampaign SupportTrio 2.50.2 - Multiple Cross-Site Scripting Vulnerabilities
ActiveCampaign SupportTrio is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user ...
CVE-2006-0970
PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter...
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter...
CVE-2006-0970
CVE-2006-0970 is a PHP remote file inclusion vulnerability in index.php used by one or more ActiveCampaign products, potentially SupportTrio. The underlying issue is improper handling of the page parameter, allowing attackers to include and execute arbitrary files. The CVSS 2.0 base score is 7.5 ...
CVE-2006-0970
PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter...
CVE-2005-4634
CVE-2005-4634 describes an SQL injection in index.php of ActiveCampaign SupportTrio 1.4, exploitable via the page parameter. The vulnerability is documented with a high impact score (CVSS v2 base 7.5) and network access with no authentication required, causing potential unauthorized database comm...