Search criteria
10 vulnerabilities found for knowledgebuilder by activecampaign
CVE-2006-5919 (GCVE-0-2006-5919)
Vulnerability from nvd – Published: 2006-11-15 15:00 – Updated: 2024-08-07 20:12
VLAI
Summary
PHP remote file inclusion vulnerability in admin/e_data/visEdit_control.class.php in ActiveCampaign KnowledgeBuilder 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the visEdit_root parameter, a different vector than CVE-2003-1131.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/450944/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/20857 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/bid/20020 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/1861 | third-party-advisoryx_refsource_SREASON |
| https://www.exploit-db.com/exploits/2364 | exploitx_refsource_EXPLOIT-DB |
Date Public
2006-09-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:12:30.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061108 knowledgeBuilder v.2.2.php.NuLL-WDYL=\u003e Remote File Include Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/450944/100/0/threaded"
},
{
"name": "knowledgebuilder-visedit-file-include(30134)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30134"
},
{
"name": "20857",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20857"
},
{
"name": "20020",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20020"
},
{
"name": "1861",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1861"
},
{
"name": "2364",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2364"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in admin/e_data/visEdit_control.class.php in ActiveCampaign KnowledgeBuilder 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the visEdit_root parameter, a different vector than CVE-2003-1131."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061108 knowledgeBuilder v.2.2.php.NuLL-WDYL=\u003e Remote File Include Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/450944/100/0/threaded"
},
{
"name": "knowledgebuilder-visedit-file-include(30134)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30134"
},
{
"name": "20857",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20857"
},
{
"name": "20020",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20020"
},
{
"name": "1861",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1861"
},
{
"name": "2364",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2364"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in admin/e_data/visEdit_control.class.php in ActiveCampaign KnowledgeBuilder 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the visEdit_root parameter, a different vector than CVE-2003-1131."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061108 knowledgeBuilder v.2.2.php.NuLL-WDYL=\u003e Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450944/100/0/threaded"
},
{
"name": "knowledgebuilder-visedit-file-include(30134)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30134"
},
{
"name": "20857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20857"
},
{
"name": "20020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20020"
},
{
"name": "1861",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1861"
},
{
"name": "2364",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2364"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5919",
"datePublished": "2006-11-15T15:00:00.000Z",
"dateReserved": "2006-11-15T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:12:30.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0970 (GCVE-0-2006-0970)
Vulnerability from nvd – Published: 2006-03-03 11:00 – Updated: 2024-08-07 16:56
VLAI
Summary
PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/505 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/426214/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/3228 | vdb-entryx_refsource_OSVDB |
Date Public
2006-02-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:14.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "505",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/505"
},
{
"name": "activecampaign-index-command-execution(24989)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24989"
},
{
"name": "20060227 Knowledgebases Remote Command Exucetion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426214/100/0/threaded"
},
{
"name": "3228",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3228"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "505",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/505"
},
{
"name": "activecampaign-index-command-execution(24989)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24989"
},
{
"name": "20060227 Knowledgebases Remote Command Exucetion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/426214/100/0/threaded"
},
{
"name": "3228",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3228"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "505",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/505"
},
{
"name": "activecampaign-index-command-execution(24989)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24989"
},
{
"name": "20060227 Knowledgebases Remote Command Exucetion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/426214/100/0/threaded"
},
{
"name": "3228",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3228"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0970",
"datePublished": "2006-03-03T11:00:00.000Z",
"dateReserved": "2006-03-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:56:14.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3828 (GCVE-0-2005-3828)
Vulnerability from nvd – Published: 2005-11-26 19:00 – Updated: 2024-08-07 23:24
VLAI
Summary
SQL injection vulnerability in index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.osvdb.org/21096 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/17732 | third-party-advisoryx_refsource_SECUNIA |
| http://pridels0.blogspot.com/2005/11/activecampai… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2005/2587 | vdb-entryx_refsource_VUPEN |
Date Public
2005-11-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:24:36.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21096",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21096"
},
{
"name": "17732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17732"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name": "ADV-2005-2587",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2587"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-12T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21096",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21096"
},
{
"name": "17732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17732"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name": "ADV-2005-2587",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2587"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21096",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21096"
},
{
"name": "17732",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17732"
},
{
"name": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name": "ADV-2005-2587",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2587"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3828",
"datePublished": "2005-11-26T19:00:00.000Z",
"dateReserved": "2005-11-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:24:36.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3829 (GCVE-0-2005-3829)
Vulnerability from nvd – Published: 2005-11-26 19:00 – Updated: 2024-08-07 23:24
VLAI
Summary
index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/17732 | third-party-advisoryx_refsource_SECUNIA |
| http://pridels0.blogspot.com/2005/11/activecampai… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2005/2587 | vdb-entryx_refsource_VUPEN |
| http://www.osvdb.org/21098 | vdb-entryx_refsource_OSVDB |
Date Public
2005-11-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:24:36.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17732"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name": "ADV-2005-2587",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2587"
},
{
"name": "21098",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-12T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17732"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name": "ADV-2005-2587",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2587"
},
{
"name": "21098",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17732",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17732"
},
{
"name": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name": "ADV-2005-2587",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2587"
},
{
"name": "21098",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3829",
"datePublished": "2005-11-26T19:00:00.000Z",
"dateReserved": "2005-11-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:24:36.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1131 (GCVE-0-2003-1131)
Vulnerability from nvd – Published: 2005-03-20 05:00 – Updated: 2024-08-08 02:19
VLAI
Summary
PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/10504 | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=bugtraq&m=111066494323543&w=2 | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/348359 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/9292 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/3228 | vdb-entryx_refsource_OSVDB |
Date Public
2003-12-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:19:44.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10504",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10504"
},
{
"name": "20050312 KnowledgeBase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111066494323543\u0026w=2"
},
{
"name": "knowledgebuilder-indexphp-file-include(14078)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14078"
},
{
"name": "20031224 Remote Code Execution in Knowledge Builder.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/348359"
},
{
"name": "9292",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9292"
},
{
"name": "3228",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3228"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-12-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10504",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10504"
},
{
"name": "20050312 KnowledgeBase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111066494323543\u0026w=2"
},
{
"name": "knowledgebuilder-indexphp-file-include(14078)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14078"
},
{
"name": "20031224 Remote Code Execution in Knowledge Builder.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/348359"
},
{
"name": "9292",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9292"
},
{
"name": "3228",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3228"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10504",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10504"
},
{
"name": "20050312 KnowledgeBase",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111066494323543\u0026w=2"
},
{
"name": "knowledgebuilder-indexphp-file-include(14078)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14078"
},
{
"name": "20031224 Remote Code Execution in Knowledge Builder.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/348359"
},
{
"name": "9292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9292"
},
{
"name": "3228",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3228"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1131",
"datePublished": "2005-03-20T05:00:00.000Z",
"dateReserved": "2005-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:19:44.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5919 (GCVE-0-2006-5919)
Vulnerability from cvelistv5 – Published: 2006-11-15 15:00 – Updated: 2024-08-07 20:12
VLAI
Summary
PHP remote file inclusion vulnerability in admin/e_data/visEdit_control.class.php in ActiveCampaign KnowledgeBuilder 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the visEdit_root parameter, a different vector than CVE-2003-1131.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/450944/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/20857 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/bid/20020 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/1861 | third-party-advisoryx_refsource_SREASON |
| https://www.exploit-db.com/exploits/2364 | exploitx_refsource_EXPLOIT-DB |
Date Public
2006-09-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:12:30.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061108 knowledgeBuilder v.2.2.php.NuLL-WDYL=\u003e Remote File Include Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/450944/100/0/threaded"
},
{
"name": "knowledgebuilder-visedit-file-include(30134)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30134"
},
{
"name": "20857",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20857"
},
{
"name": "20020",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20020"
},
{
"name": "1861",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1861"
},
{
"name": "2364",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2364"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in admin/e_data/visEdit_control.class.php in ActiveCampaign KnowledgeBuilder 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the visEdit_root parameter, a different vector than CVE-2003-1131."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061108 knowledgeBuilder v.2.2.php.NuLL-WDYL=\u003e Remote File Include Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/450944/100/0/threaded"
},
{
"name": "knowledgebuilder-visedit-file-include(30134)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30134"
},
{
"name": "20857",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20857"
},
{
"name": "20020",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20020"
},
{
"name": "1861",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1861"
},
{
"name": "2364",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2364"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in admin/e_data/visEdit_control.class.php in ActiveCampaign KnowledgeBuilder 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the visEdit_root parameter, a different vector than CVE-2003-1131."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061108 knowledgeBuilder v.2.2.php.NuLL-WDYL=\u003e Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450944/100/0/threaded"
},
{
"name": "knowledgebuilder-visedit-file-include(30134)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30134"
},
{
"name": "20857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20857"
},
{
"name": "20020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20020"
},
{
"name": "1861",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1861"
},
{
"name": "2364",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2364"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5919",
"datePublished": "2006-11-15T15:00:00.000Z",
"dateReserved": "2006-11-15T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:12:30.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0970 (GCVE-0-2006-0970)
Vulnerability from cvelistv5 – Published: 2006-03-03 11:00 – Updated: 2024-08-07 16:56
VLAI
Summary
PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/505 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/426214/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/3228 | vdb-entryx_refsource_OSVDB |
Date Public
2006-02-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:14.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "505",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/505"
},
{
"name": "activecampaign-index-command-execution(24989)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24989"
},
{
"name": "20060227 Knowledgebases Remote Command Exucetion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426214/100/0/threaded"
},
{
"name": "3228",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3228"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "505",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/505"
},
{
"name": "activecampaign-index-command-execution(24989)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24989"
},
{
"name": "20060227 Knowledgebases Remote Command Exucetion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/426214/100/0/threaded"
},
{
"name": "3228",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3228"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "505",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/505"
},
{
"name": "activecampaign-index-command-execution(24989)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24989"
},
{
"name": "20060227 Knowledgebases Remote Command Exucetion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/426214/100/0/threaded"
},
{
"name": "3228",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3228"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0970",
"datePublished": "2006-03-03T11:00:00.000Z",
"dateReserved": "2006-03-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:56:14.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3828 (GCVE-0-2005-3828)
Vulnerability from cvelistv5 – Published: 2005-11-26 19:00 – Updated: 2024-08-07 23:24
VLAI
Summary
SQL injection vulnerability in index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.osvdb.org/21096 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/17732 | third-party-advisoryx_refsource_SECUNIA |
| http://pridels0.blogspot.com/2005/11/activecampai… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2005/2587 | vdb-entryx_refsource_VUPEN |
Date Public
2005-11-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:24:36.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21096",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21096"
},
{
"name": "17732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17732"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name": "ADV-2005-2587",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2587"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-12T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21096",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21096"
},
{
"name": "17732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17732"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name": "ADV-2005-2587",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2587"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21096",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21096"
},
{
"name": "17732",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17732"
},
{
"name": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name": "ADV-2005-2587",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2587"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3828",
"datePublished": "2005-11-26T19:00:00.000Z",
"dateReserved": "2005-11-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:24:36.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3829 (GCVE-0-2005-3829)
Vulnerability from cvelistv5 – Published: 2005-11-26 19:00 – Updated: 2024-08-07 23:24
VLAI
Summary
index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/17732 | third-party-advisoryx_refsource_SECUNIA |
| http://pridels0.blogspot.com/2005/11/activecampai… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2005/2587 | vdb-entryx_refsource_VUPEN |
| http://www.osvdb.org/21098 | vdb-entryx_refsource_OSVDB |
Date Public
2005-11-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:24:36.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17732"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name": "ADV-2005-2587",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2587"
},
{
"name": "21098",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-12T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17732"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name": "ADV-2005-2587",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2587"
},
{
"name": "21098",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17732",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17732"
},
{
"name": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name": "ADV-2005-2587",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2587"
},
{
"name": "21098",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3829",
"datePublished": "2005-11-26T19:00:00.000Z",
"dateReserved": "2005-11-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:24:36.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1131 (GCVE-0-2003-1131)
Vulnerability from cvelistv5 – Published: 2005-03-20 05:00 – Updated: 2024-08-08 02:19
VLAI
Summary
PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/10504 | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=bugtraq&m=111066494323543&w=2 | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/348359 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/9292 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/3228 | vdb-entryx_refsource_OSVDB |
Date Public
2003-12-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:19:44.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10504",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10504"
},
{
"name": "20050312 KnowledgeBase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111066494323543\u0026w=2"
},
{
"name": "knowledgebuilder-indexphp-file-include(14078)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14078"
},
{
"name": "20031224 Remote Code Execution in Knowledge Builder.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/348359"
},
{
"name": "9292",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9292"
},
{
"name": "3228",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3228"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-12-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10504",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10504"
},
{
"name": "20050312 KnowledgeBase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111066494323543\u0026w=2"
},
{
"name": "knowledgebuilder-indexphp-file-include(14078)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14078"
},
{
"name": "20031224 Remote Code Execution in Knowledge Builder.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/348359"
},
{
"name": "9292",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9292"
},
{
"name": "3228",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3228"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10504",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10504"
},
{
"name": "20050312 KnowledgeBase",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111066494323543\u0026w=2"
},
{
"name": "knowledgebuilder-indexphp-file-include(14078)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14078"
},
{
"name": "20031224 Remote Code Execution in Knowledge Builder.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/348359"
},
{
"name": "9292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9292"
},
{
"name": "3228",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3228"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1131",
"datePublished": "2005-03-20T05:00:00.000Z",
"dateReserved": "2005-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:19:44.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}