CVE-2008-5055 - Vulnerability Details

SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to execute arbitrary SQL commands via the department_id parameter to index.php.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Activecampaign	Triolive

Configuration 1 [-]

OR	cpe:2.3:a:activecampaign:triolive::::::::
	cpe:2.3:a:activecampaign:triolive:1.0:::::::*
	cpe:2.3:a:activecampaign:triolive:1.03:::::::*
	cpe:2.3:a:activecampaign:triolive:1.04:::::::*
	cpe:2.3:a:activecampaign:triolive:1.05:::::::*
	cpe:2.3:a:activecampaign:triolive:1.06:::::::*
	cpe:2.3:a:activecampaign:triolive:1.07:::::::*
	cpe:2.3:a:activecampaign:triolive:1.08:::::::*
	cpe:2.3:a:activecampaign:triolive:1.09:::::::*
	cpe:2.3:a:activecampaign:triolive:1.10:::::::*
	cpe:2.3:a:activecampaign:triolive:1.11:::::::*
	cpe:2.3:a:activecampaign:triolive:1.12:::::::*
	cpe:2.3:a:activecampaign:triolive:1.13:::::::*
	cpe:2.3:a:activecampaign:triolive:1.14:::::::*
	cpe:2.3:a:activecampaign:triolive:1.15:::::::*
	cpe:2.3:a:activecampaign:triolive:1.16:::::::*
	cpe:2.3:a:activecampaign:triolive:1.17:::::::*
	cpe:2.3:a:activecampaign:triolive:1.18:::::::*
	cpe:2.3:a:activecampaign:triolive:1.19:::::::*
	cpe:2.3:a:activecampaign:triolive:1.20:::::::*
	cpe:2.3:a:activecampaign:triolive:1.21:::::::*
	cpe:2.3:a:activecampaign:triolive:1.22:::::::*
	cpe:2.3:a:activecampaign:triolive:1.23:::::::*
	cpe:2.3:a:activecampaign:triolive:1.24:::::::*
	cpe:2.3:a:activecampaign:triolive:1.25:::::::*
	cpe:2.3:a:activecampaign:triolive:1.26:::::::*
	cpe:2.3:a:activecampaign:triolive:1.27:::::::*
	cpe:2.3:a:activecampaign:triolive:1.28:::::::*
	cpe:2.3:a:activecampaign:triolive:1.29:::::::*
	cpe:2.3:a:activecampaign:triolive:1.30:::::::*
	cpe:2.3:a:activecampaign:triolive:1.31:::::::*
	cpe:2.3:a:activecampaign:triolive:1.32:::::::*
	cpe:2.3:a:activecampaign:triolive:1.33:::::::*
	cpe:2.3:a:activecampaign:triolive:1.34:::::::*
	cpe:2.3:a:activecampaign:triolive:1.35:::::::*
	cpe:2.3:a:activecampaign:triolive:1.36:::::::*
	cpe:2.3:a:activecampaign:triolive:1.37:::::::*
	cpe:2.3:a:activecampaign:triolive:1.39:::::::*
	cpe:2.3:a:activecampaign:triolive:1.40:::::::*
	cpe:2.3:a:activecampaign:triolive:1.41:::::::*
	cpe:2.3:a:activecampaign:triolive:1.42:::::::*
	cpe:2.3:a:activecampaign:triolive:1.50.1:::::::*
	cpe:2.3:a:activecampaign:triolive:1.50.2:::::::*
	cpe:2.3:a:activecampaign:triolive:1.50.3:::::::*
	cpe:2.3:a:activecampaign:triolive:1.50.4:::::::*
	cpe:2.3:a:activecampaign:triolive:1.50.5:::::::*
	cpe:2.3:a:activecampaign:triolive:1.50.6:::::::*
	cpe:2.3:a:activecampaign:triolive:1.55.0:::::::*
	cpe:2.3:a:activecampaign:triolive:1.55.1:::::::*
	cpe:2.3:a:activecampaign:triolive:1.55.2:::::::*
	cpe:2.3:a:activecampaign:triolive:1.56.1:::::::*
	cpe:2.3:a:activecampaign:triolive:1.56.2:::::::*
	cpe:2.3:a:activecampaign:triolive:1.56.3:::::::*
	cpe:2.3:a:activecampaign:triolive:1.56.4:::::::*
	cpe:2.3:a:activecampaign:triolive:1.56.5:::::::*
	cpe:2.3:a:activecampaign:triolive:1.57:::::::*
	cpe:2.3:a:activecampaign:triolive:1.58.0:::::::*
	cpe:2.3:a:activecampaign:triolive:1.58.1:::::::*
	cpe:2.3:a:activecampaign:triolive:1.58.2:::::::*
	cpe:2.3:a:activecampaign:triolive:1.58.3:::::::*
	cpe:2.3:a:activecampaign:triolive:1.58.4:::::::*
	cpe:2.3:a:activecampaign:triolive:1.58.5:::::::*
	cpe:2.3:a:activecampaign:triolive:unknown:beta2::::::
	cpe:2.3:a:activecampaign:triolive:unknown:beta3::::::
cpe:2.3:a:activecampaign:triolive:unknown:beta5::::::

No data.

References

Link	Providers
http://activecampaign.com/support/forum/showthread.php?t=4554
http://holisticinfosec.org/content/view/93/45/
http://osvdb.org/49825
http://secunia.com/advisories/32703
http://www.securityfocus.com/bid/32268
http://www.vupen.com/english/advisories/2008/3125
https://exchange.xforce.ibmcloud.com/vulnerabilities/46557

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-11-13T11:00:00

Updated: 2024-08-07T10:40:16.842Z

Reserved: 2008-11-13T00:00:00

Link: CVE-2008-5055

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2008-11-13T11:30:01.563

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-5055

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-11-12T00:00:00", "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to execute arbitrary SQL commands via the department_id parameter to index.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2008-3125", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/3125"}, {"name": "32268", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/32268"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://activecampaign.com/support/forum/showthread.php?t=4554"}, {"name": "32703", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32703"}, {"tags": ["x_refsource_MISC"], "url": "http://holisticinfosec.org/content/view/93/45/"}, {"name": "49825", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/49825"}, {"name": "triolive-index-sql-injection(46557)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46557"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-5055", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to execute arbitrary SQL commands via the department_id parameter to index.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2008-3125", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/3125"}, {"name": "32268", "refsource": "BID", "url": "http://www.securityfocus.com/bid/32268"}, {"name": "http://activecampaign.com/support/forum/showthread.php?t=4554", "refsource": "CONFIRM", "url": "http://activecampaign.com/support/forum/showthread.php?t=4554"}, {"name": "32703", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32703"}, {"name": "http://holisticinfosec.org/content/view/93/45/", "refsource": "MISC", "url": "http://holisticinfosec.org/content/view/93/45/"}, {"name": "49825", "refsource": "OSVDB", "url": "http://osvdb.org/49825"}, {"name": "triolive-index-sql-injection(46557)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46557"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:40:16.842Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2008-3125", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/3125"}, {"name": "32268", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/32268"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://activecampaign.com/support/forum/showthread.php?t=4554"}, {"name": "32703", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32703"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://holisticinfosec.org/content/view/93/45/"}, {"name": "49825", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/49825"}, {"name": "triolive-index-sql-injection(46557)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46557"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-5055", "datePublished": "2008-11-13T11:00:00", "dateReserved": "2008-11-13T00:00:00", "dateUpdated": "2024-08-07T10:40:16.842Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:activecampaign:triolive:*:*:*:*:*:*:*:*", "matchCriteriaId": "D69DC4E2-1B9C-41FA-95C1-2A727A047B2B", "versionEndIncluding": "1.58.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3830E887-4808-40C8-9F37-2F8D3F5F18DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.03:*:*:*:*:*:*:*", "matchCriteriaId": "679EEBE1-D8DF-4F0E-9E1A-01658F6FC04F", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.04:*:*:*:*:*:*:*", "matchCriteriaId": "F3C9544F-14FF-4A36-B6FF-70CB892ABE8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.05:*:*:*:*:*:*:*", "matchCriteriaId": "6AD1AEBD-FA89-4462-8C43-3B138C31FD14", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.06:*:*:*:*:*:*:*", "matchCriteriaId": "12D1F27A-B046-4DD3-86DF-4EF5793B576E", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.07:*:*:*:*:*:*:*", "matchCriteriaId": "FDAD0C1A-BF51-4571-936F-2C469A2D3862", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.08:*:*:*:*:*:*:*", "matchCriteriaId": "588A0D87-CFF9-49E3-99E9-CF4B5A7F38E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.09:*:*:*:*:*:*:*", "matchCriteriaId": "839EC8F2-550A-42AC-AA9D-4403AA7BA9D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.10:*:*:*:*:*:*:*", "matchCriteriaId": "2AEC77F0-84CB-4EE8-A449-E826B0111D57", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.11:*:*:*:*:*:*:*", "matchCriteriaId": "2EA0A931-F954-41C0-AB84-5C1238B57AD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.12:*:*:*:*:*:*:*", "matchCriteriaId": "57CA5B22-E54D-4831-A8A0-29C84FCDB10C", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.13:*:*:*:*:*:*:*", "matchCriteriaId": "B4730442-6F85-4A0B-8885-D2FAA6ABDFF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.14:*:*:*:*:*:*:*", "matchCriteriaId": "4B31C41B-BBA6-4453-966B-24882F6435CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.15:*:*:*:*:*:*:*", "matchCriteriaId": "09440542-C469-41C7-9CEE-C3B2C6785823", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.16:*:*:*:*:*:*:*", "matchCriteriaId": "CE767E5D-83ED-4F0C-A769-95C94D29C583", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.17:*:*:*:*:*:*:*", "matchCriteriaId": "052B1287-6A0B-4853-82EE-FB87715C6924", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.18:*:*:*:*:*:*:*", "matchCriteriaId": "5D1F25CD-A81F-457E-81F3-60A11CD90B58", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.19:*:*:*:*:*:*:*", "matchCriteriaId": "E5B1E77F-26F5-4127-8C63-A823441B9851", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.20:*:*:*:*:*:*:*", "matchCriteriaId": "6898F327-83EE-4257-91C2-8A3158FCAA25", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.21:*:*:*:*:*:*:*", "matchCriteriaId": "F983135A-CE50-4BC4-BCC1-F7BFC9E70575", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.22:*:*:*:*:*:*:*", "matchCriteriaId": "4CF162F3-A62B-432B-90A1-840992672C0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.23:*:*:*:*:*:*:*", "matchCriteriaId": "E4740E6F-4354-4D44-9559-2ECE897C4EEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.24:*:*:*:*:*:*:*", "matchCriteriaId": "8DF162B4-19D7-41A1-A6F1-40C1AF6A71D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.25:*:*:*:*:*:*:*", "matchCriteriaId": "973FF91F-1B9D-4432-84FF-7CD79A6CAADF", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.26:*:*:*:*:*:*:*", "matchCriteriaId": "72A482E9-2642-44DF-8D96-1A2DD74E9E9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.27:*:*:*:*:*:*:*", "matchCriteriaId": "F88FDA0C-DC07-4BCB-8510-695C805A3A06", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.28:*:*:*:*:*:*:*", "matchCriteriaId": "2C27969E-38F2-44DF-AF93-015F00DCF2CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.29:*:*:*:*:*:*:*", "matchCriteriaId": "8C3B0F6A-2C47-476A-81DA-9D3524F18E8D", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.30:*:*:*:*:*:*:*", "matchCriteriaId": "CCDA4D43-85EB-4990-B7FD-D95FC713A74D", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.31:*:*:*:*:*:*:*", "matchCriteriaId": "F01FC08E-3137-4A31-AFA6-6D54858549D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.32:*:*:*:*:*:*:*", "matchCriteriaId": "322D9109-2EF5-45BB-B06E-9262CC742849", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.33:*:*:*:*:*:*:*", "matchCriteriaId": "6D39BEEE-B1B6-4BC4-9E4A-A6BF7B4CB409", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.34:*:*:*:*:*:*:*", "matchCriteriaId": "8942394E-8C42-468C-95FF-1503A57832BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.35:*:*:*:*:*:*:*", "matchCriteriaId": "A342A09B-8E63-475E-B216-18C1A517DDFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.36:*:*:*:*:*:*:*", "matchCriteriaId": "A5223849-FA05-400B-B40A-72135BAE1ED6", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.37:*:*:*:*:*:*:*", "matchCriteriaId": "64198494-83B7-4340-B9F2-BB25F526F41D", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.39:*:*:*:*:*:*:*", "matchCriteriaId": "FB2CB225-E34E-4659-A74E-E292FA0ECC96", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.40:*:*:*:*:*:*:*", "matchCriteriaId": "8A83FB29-AABF-4636-9BB9-8754CBDEC8E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.41:*:*:*:*:*:*:*", "matchCriteriaId": "711CE7EF-552F-4240-B31E-9D512C632551", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.42:*:*:*:*:*:*:*", "matchCriteriaId": "A533F569-E7CF-45A5-BB37-9FAFECB2A350", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.50.1:*:*:*:*:*:*:*", "matchCriteriaId": "C3B36E78-5A0E-4718-BD11-322549C734BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.50.2:*:*:*:*:*:*:*", "matchCriteriaId": "3DA1328E-6069-4073-AD99-8C4A48F50316", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.50.3:*:*:*:*:*:*:*", "matchCriteriaId": "69B9D6F1-76AC-4CA4-88C2-94360DD772DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.50.4:*:*:*:*:*:*:*", "matchCriteriaId": "672F4580-5355-4F71-B198-A0C8FB7724AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.50.5:*:*:*:*:*:*:*", "matchCriteriaId": "B306C4AA-A374-4705-866B-E752F887D31F", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.50.6:*:*:*:*:*:*:*", "matchCriteriaId": "1F4F8BA4-A768-4A89-A185-868CF8012C0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.55.0:*:*:*:*:*:*:*", "matchCriteriaId": "BD887085-3AF8-4B62-8E0A-CF11067B072D", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.55.1:*:*:*:*:*:*:*", "matchCriteriaId": "DC1DEFC2-C622-418F-91AE-67D27E637093", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.55.2:*:*:*:*:*:*:*", "matchCriteriaId": "9C9B54CE-20B1-4592-A4D9-7FACE40ACD40", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.56.1:*:*:*:*:*:*:*", "matchCriteriaId": "B40DF908-3FB3-4742-B4D8-3E4440D8C2B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.56.2:*:*:*:*:*:*:*", "matchCriteriaId": "97E28490-1748-4A01-9C0C-AF06EC89D54A", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.56.3:*:*:*:*:*:*:*", "matchCriteriaId": "E0EBF9E6-216D-4818-9FC4-7A50781A56AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.56.4:*:*:*:*:*:*:*", "matchCriteriaId": "4E30CDDD-C2B5-48D2-A702-1A428F25CED6", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.56.5:*:*:*:*:*:*:*", "matchCriteriaId": "21FDEDA0-AE19-4C8F-A02E-BE8B327513E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.57:*:*:*:*:*:*:*", "matchCriteriaId": "4E302031-D94E-4A77-B99A-C9C9E6DE1DC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.58.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F607476-1619-42D8-9A22-80D2053577F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.58.1:*:*:*:*:*:*:*", "matchCriteriaId": "89E55568-DDE1-489D-8C68-17AF2FF68A89", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.58.2:*:*:*:*:*:*:*", "matchCriteriaId": "24C70825-1923-47A8-9443-3ED19FC28F84", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.58.3:*:*:*:*:*:*:*", "matchCriteriaId": "0205A854-E75D-4834-B2A9-5738E45F5360", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.58.4:*:*:*:*:*:*:*", "matchCriteriaId": "C483794B-5A46-4FFD-A0D5-CEE1347C4313", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:1.58.5:*:*:*:*:*:*:*", "matchCriteriaId": "25331DA7-1E75-4F2E-8077-516C52F2D7EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:unknown:beta2:*:*:*:*:*:*", "matchCriteriaId": "EDA29A14-EF14-44D2-A9B4-2E4A72CCB4FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:unknown:beta3:*:*:*:*:*:*", "matchCriteriaId": "8FFC5142-FEFA-4AAF-AA8C-E392050C1C88", "vulnerable": true}, {"criteria": "cpe:2.3:a:activecampaign:triolive:unknown:beta5:*:*:*:*:*:*", "matchCriteriaId": "01771D66-5668-46BC-A602-C38279CAC4A8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to execute arbitrary SQL commands via the department_id parameter to index.php."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en department_offline_context.php en ActiveCampaign TrioLive antes de v1.58.7 permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n mediante el par\u00e1metro \"department_id\" a index.php."}], "id": "CVE-2008-5055", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-11-13T11:30:01.563", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://activecampaign.com/support/forum/showthread.php?t=4554"}, {"source": "cve@mitre.org", "url": "http://holisticinfosec.org/content/view/93/45/"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/49825"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/32703"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/32268"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/3125"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46557"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://activecampaign.com/support/forum/showthread.php?t=4554"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://holisticinfosec.org/content/view/93/45/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/49825"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/32703"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/32268"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/3125"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46557"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object