CVE-2006-0970

CVE-2006-0970 is a PHP remote file inclusion vulnerability in index.php used by one or more ActiveCampaign products, potentially SupportTrio. The underlying issue is improper handling of the page parameter, allowing attackers to include and execute arbitrary files. The CVSS 2.0 base score is 7.5 ...

CVE-2003-1131

CVE-2003-1131 is a PHP remote file inclusion vulnerability affecting KnowledgeBuilder (KnowledgeBase) via index.php. An attacker can modify the page parameter to reference a remote URL containing PHP code, enabling arbitrary code execution on the affected server. The NVD description specifies a n...

CVE-2005-3828

ActiveCampaign KnowledgeBuilder up to version 2.4 is affected by an SQL injection in index.php via the article parameter. Remote attackers could execute arbitrary SQL commands, with partial confidentiality/integrity/availability impact described. Affected component: index.php within KnowledgeBuil...

CVE-2006-5919

CVE-2006-5919 describes a PHP remote file inclusion vulnerability in ActiveCampaign KnowledgeBuilder 2.2, specifically in admin/e_data/visEdit_control.class.php where an attacker can supply a URL via visEdit_root to execute arbitrary PHP code on the server. The affected component is KnowledgeBuil...

CVE-2005-3829

CVE-2005-3829 affects ActiveCampaign KnowledgeBuilder 2.4 and earlier. The issue allows remote attackers to cause a denial-of-service by supplying an invalid category parameter, which triggers a large number of SQL queries. The available documents confirm the vulnerability scenario and severity (...