Vulnerabilities > CVE-2005-3679 - Unspecified vulnerability in Activecampaign 1-2-All Broadcast Email 4.07

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
activecampaign
exploit available
NVD
Published: 2005-11-18
Updated: 2016-10-18

Summary

SQL injection vulnerability in admin/index.php in ActiveCampaign 1-2-All Broadcast Email allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username field in the admin control panel.

Vulnerable Configurations

Part Description Count
Application
Activecampaign
1

Exploit-Db

descriptionActiveCampaign 1-2-All Broadcast Email 4.0 Admin Control Panel Username SQL Injection Vulnerability. CVE-2005-3679. Webapps exploit for php platform
idEDB-ID:26501
last seen2016-02-03
modified2005-11-12
published2005-11-12
reporterbhs_team
sourcehttps://www.exploit-db.com/download/26501/
titleActiveCampaign 1-2-All Broadcast Email 4.0 Admin Control Panel Username SQL Injection Vulnerability

References