Vulnerabilities > CVE-2006-1488 - Unspecified vulnerability in Activecampaign Supporttrio 2.50.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the full path of the server via invalid (1) article or (2) print parameters in a kb action to index.php, or (3) an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://pridels0.blogspot.com/2006/03/activecampaign-supporttrio-25-vuln.html
- http://pridels0.blogspot.com/2006/03/activecampaign-supporttrio-25-vuln.html
- http://secunia.com/advisories/19431
- http://secunia.com/advisories/19431
- http://www.osvdb.org/24190
- http://www.osvdb.org/24190
- http://www.osvdb.org/24191
- http://www.osvdb.org/24191
- http://www.vupen.com/english/advisories/2006/1126
- http://www.vupen.com/english/advisories/2006/1126
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25517
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25517