Vulnerabilities > Activecampaign > Supporttrio > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-03-29 | CVE-2006-1488 | Remote Security vulnerability in Activecampaign Supporttrio 2.50.2 ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the full path of the server via invalid (1) article or (2) print parameters in a kb action to index.php, or (3) an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message. | 5.0 |
| 2006-03-29 | CVE-2006-1487 | Cross-Site Scripting vulnerability in Activecampaign Supporttrio 2.50.2 Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module. network activecampaign | 4.3 |
| 2005-11-26 | CVE-2005-3830 | Directory Traversal vulnerability in ActiveCampaign SupportTrio index.php in ActiveCampaign SupportTrio 1.4 and earlier allows remote attackers to read or include arbitrary files via the page parameter, possibly due to a directory traversal vulnerability. | 5.0 |