CVE-2005-3679 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-3679

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

SQL injection vulnerability in admin/index.php in ActiveCampaign 1-2-All Broadcast Email allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username field in the admin control panel.

Affected Software

Name	Vendor	Start Version	End Version
1-2-all_broadcast_email	Activecampaign	4.07 (including)	4.07 (including)

References

http://marc.info/?l=bugtraq\u0026m=113201260613863\u0026w=2
http://www.osvdb.org/20949
http://www.securityfocus.com/bid/15400/
http://marc.info/?l=bugtraq\u0026m=113201260613863\u0026w=2
http://www.osvdb.org/20949
http://www.securityfocus.com/bid/15400/