3 matches found
CVE-2012-3822
CVE-2012-3822 affects Arial Campaign Enterprise before v11.0.551. The vulnerability is an unauthorized access issue on the User-Edit.asp page that enables remote attackers to enumerate users’ credentials, i.e., information disclosure of credentials. The root cause is access to a user-edit interfa...
CVE-2012-3824
CVE-2012-3824 affects Arial Campaign Enterprise prior to version 11.0.551, where multiple pages are accessible without authentication or authorization. The vulnerability is caused by insufficient access controls on web pages, enabling unauthorized viewing of pages. A vendor patch addressing this ...
CVE-2012-3823
CVE-2012-3823 affects Arial Campaign Enterprise prior to version 11.0.551. The vulnerability is that passwords are stored in clear text and may be retrieved, leading to potential exposure of user credentials. Impact is confidentiality-related (credentials exposure) with no evidence of integrity/a...