Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5056

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-5056
Last Modified 30 Oct 2012 11:06:40
Published 13 Nov 2008 06:30:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5056

Summary

Cross-site scripting (XSS) vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to inject arbitrary web script or HTML via the department_id parameter to index.php.

Vulnerable Systems

Application

  • Activecampaign Triolive 1.0

  • Activecampaign Triolive 1.03

  • Activecampaign Triolive 1.04

  • Activecampaign Triolive 1.05

  • Activecampaign Triolive 1.06

  • Activecampaign Triolive 1.07

  • Activecampaign Triolive 1.08

  • Activecampaign Triolive 1.09

  • Activecampaign Triolive 1.10

  • Activecampaign Triolive 1.11

  • Activecampaign Triolive 1.12

  • Activecampaign Triolive 1.13

  • Activecampaign Triolive 1.14

  • Activecampaign Triolive 1.15

  • Activecampaign Triolive 1.16

  • Activecampaign Triolive 1.17

  • Activecampaign Triolive 1.18

  • Activecampaign Triolive 1.19

  • Activecampaign Triolive 1.20

  • Activecampaign Triolive 1.21

  • Activecampaign Triolive 1.22

  • Activecampaign Triolive 1.23

  • Activecampaign Triolive 1.24

  • Activecampaign Triolive 1.25

  • Activecampaign Triolive 1.26

  • Activecampaign Triolive 1.27

  • Activecampaign Triolive 1.28

  • Activecampaign Triolive 1.29

  • Activecampaign Triolive 1.30

  • Activecampaign Triolive 1.31

  • Activecampaign Triolive 1.32

  • Activecampaign Triolive 1.33

  • Activecampaign Triolive 1.34

  • Activecampaign Triolive 1.35

  • Activecampaign Triolive 1.36

  • Activecampaign Triolive 1.37

  • Activecampaign Triolive 1.39

  • Activecampaign Triolive 1.40

  • Activecampaign Triolive 1.41

  • Activecampaign Triolive 1.42

  • Activecampaign Triolive 1.50.1

  • Activecampaign Triolive 1.50.2

  • Activecampaign Triolive 1.50.3

  • Activecampaign Triolive 1.50.4

  • Activecampaign Triolive 1.50.5

  • Activecampaign Triolive 1.50.6

  • Activecampaign Triolive 1.55.0

  • Activecampaign Triolive 1.55.1

  • Activecampaign Triolive 1.55.2

  • Activecampaign Triolive 1.56.1

  • Activecampaign Triolive 1.56.2

  • Activecampaign Triolive 1.56.3

  • Activecampaign Triolive 1.56.4

  • Activecampaign Triolive 1.56.5

  • Activecampaign Triolive 1.57

  • Activecampaign Triolive 1.58.0

  • Activecampaign Triolive 1.58.1

  • Activecampaign Triolive 1.58.2

  • Activecampaign Triolive 1.58.3

  • Activecampaign Triolive 1.58.4

  • Activecampaign Triolive 1.58.5

  • Activecampaign Triolive 1.58.6

  • Activecampaign Triolive Unknown


References

CONFIRM - http://activecampaign.com/support/forum/showthread.php?t=4554

XF - triolive-index-xss(46560)

MISC - http://holisticinfosec.org/content/view/93/45/

BID - 32268

OSVDB - 49858


Last Updated: 27 May 2016 10:56:38