Vulnerabilities > Activecampaign > 1 2 ALL Broadcast Email

DATE CVE VULNERABILITY TITLE RISK
2007-05-11 CVE-2007-2630 Remote Code Execution vulnerability in Activecampaign 1-2-All Broadcast Email 4.5/4.53.13
Incomplete blacklist vulnerability in filemanager/browser/default/connectors/php/config.php in the FCKeditor module, as used in ActiveCampaign 1-2-All (aka 12All) 4.50 through 4.53.13, and possibly other products, allows remote authenticated administrators to upload and possibly execute .php4 and .php5 files via unspecified vectors.
network
low complexity
activecampaign
6.5
2005-11-18 CVE-2005-3679 Unspecified vulnerability in Activecampaign 1-2-All Broadcast Email 4.07
SQL injection vulnerability in admin/index.php in ActiveCampaign 1-2-All Broadcast Email allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username field in the admin control panel.
network
low complexity
activecampaign
7.5