|
Description
|
|
Multiple vulnerabilities were identified in ActiveCampaign KnowledgeBuilder, which could be exploited by malicious users to conduct SQL injection and denial of service attacks.
The first flaw is due to an input validation error in the "index.php" script that does not properly filter a specially crafted "article" parameter, which may be exploited by malicious users to execute arbitrary SQL commands.
The second issue is due to an input validation error in the "index.php" script when processing an invalid "category" parameter, which may be exploited by remote attackers to cause a denial of service.
|
