RSS   Vulnerabilities for 'Knowledgebuilder'   RSS

2006-11-15
 
CVE-2006-5919

CWE-Other
 

 
PHP remote file inclusion vulnerability in admin/e_data/visEdit_control.class.php in ActiveCampaign KnowledgeBuilder 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the visEdit_root parameter, a different vector than CVE-2003-1131.

 
2006-03-03
 
CVE-2006-0970

CWE-Other
 

 
PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter.

 
2005-11-26
 
CVE-2005-3829

 

 
index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed.

 
 
CVE-2005-3828

 

 
SQL injection vulnerability in index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter.

 
2003-12-31
 
CVE-2003-1131

 

 
PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code.

 

 >>> Vendor: Activecampaign 8 Products
Knowledgebuilder
1-2-all broadcast email
Supporttrio
1-2-all
General
Isalient
Visualedit
Triolive


Copyright 2019, cxsecurity.com

 

Back to Top