26 matches found
EUVD-2006-0973
Malware in sbrugna...
EUVD-2006-1492
Malware in sbrugna...
EUVD-2005-4629
Malware in sbrugna...
EUVD-2005-3825
Malware in sbrugna...
ActiveCampaign SupportTrio 2.50.2 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. ActiveCampaign SupportTrio is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in t...
Cross site scripting
Cross-site scripting XSS vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module...
CVE-2006-1487
Cross-site scripting XSS vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module...
CVE-2006-1488
ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the full path of the server via invalid 1 article or 2 print parameters in a kb action to index.php, or 3 an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message...
CVE-2006-1488
ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the full path of the server via invalid 1 article or 2 print parameters in a kb action to index.php, or 3 an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message...
CVE-2006-1487
Cross-site scripting XSS vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module...
CVE-2006-1487
CVE-2006-1487 describes a Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2. The flaw allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module. The NVD reports a CVSS2 base score of 4.3 (MEDIUM) with N...
CVE-2006-1488
ActiveCampaign SupportTrio 2.5 is affected. The issue exposes the server’s full path via error messages when handling (1) invalid article or (2) invalid print parameters in a kb action to index.php, or (3) an invalid category parameter to modules/KB/pdf.php. Root cause: error messages leak path i...
ActiveCampaign SupportTrio 2.5 vuln.
ActiveCampaign SupportTrio 2.5 vuln. Vuln. discovered by : r0t Date: 28 march 2006 vendor:http://www.activecampaign.com/ affected versions: 2.50.2 orginal advisory:http://pridels.blogspot.com/2006/03/activecampaign-supporttrio-25-vuln.html Vuln. description: ActiveCampaign SupportTrio contains a...
ActiveCampaign SupportTrio 2.50.2 - Multiple Cross-Site Scripting Vulnerabilities
ActiveCampaign SupportTrio 2.50.2 - Multiple Cross-Site Scripting Vulnerabilities ActiveCampaign SupportTrio is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these...
ActiveCampaign SupportTrio 2.50.2 - Multiple Cross-Site Scripting Vulnerabilities
ActiveCampaign SupportTrio is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user ...
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter...
CVE-2006-0970
PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter...
CVE-2006-0970
CVE-2006-0970 is a PHP remote file inclusion vulnerability in index.php used by one or more ActiveCampaign products, potentially SupportTrio. The underlying issue is improper handling of the page parameter, allowing attackers to include and execute arbitrary files. The CVSS 2.0 base score is 7.5 ...
CVE-2006-0970
PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter...
CVE-2005-4634
SQL injection vulnerability in index.php in ActiveCampaign SupportTrio 1.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the provenance of this information is unknown because the source URL is not available; the details are obtained solely from third part...