VYPR

Campaign

by Adobe Inc.

CVEs (15)

  • CVE-2026-48303CriJun 9, 2026
    risk 0.65cvss 10.0epss 0.01

    Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is…

  • CVE-2026-47938CriJun 9, 2026
    risk 0.65cvss 10.0epss 0.00

    Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in privilege escalation. Exploitation of this issue does not require user interaction. Scope is changed.

  • CVE-2017-2989CriApr 12, 2017
    risk 0.59cvss 9.1epss 0.04

    Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database.

  • CVE-2017-2968CriFeb 15, 2017
    risk 0.59cvss 9.1epss 0.03

    Adobe Campaign versions 16.4 Build 8724 and earlier have a code injection vulnerability.

  • CVE-2017-2969MedFeb 15, 2017
    risk 0.40cvss 6.1epss 0.02

    Adobe Campaign versions 16.4 Build 8724 and earlier have a cross-site scripting (XSS) vulnerability.

  • CVE-2019-7850Jul 18, 2019
    risk 0.01cvss epss 0.06

    Adobe Campaign Classic version 18.10.5-8984 and earlier versions have a Command injection vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

  • CVE-2022-42343Dec 19, 2022
    risk 0.00cvss epss 0.01

    Adobe Campaign version 7.3.1 (and earlier) and 8.3.9 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitrary requests via…

  • CVE-2021-40745Nov 17, 2021
    risk 0.00cvss epss 0.04

    Adobe Campaign version 21.2.1 (and earlier) is affected by a Path Traversal vulnerability that could lead to reading arbitrary server files. By leveraging an exposed XML file, an unauthenticated attacker can enumerate other files on the server.

  • CVE-2021-21009Jan 13, 2021
    risk 0.00cvss epss 0.03

    Adobe Campaign Classic Gold Standard 10 (and earlier), 20.3.1 (and earlier), 20.2.3 (and earlier), 20.1.3 (and earlier), 19.2.3 (and earlier) and 19.1.7 (and earlier) are affected by a server-side request forgery (SSRF) vulnerability. Successful exploitation could allow an…

  • CVE-2020-9666Jun 25, 2020
    risk 0.00cvss epss 0.02

    Adobe Campaign Classic before 20.2 have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2019-7843Jul 18, 2019
    risk 0.00cvss epss 0.03

    Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Insufficient input validation vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

  • CVE-2019-7941Jul 18, 2019
    risk 0.00cvss epss 0.03

    Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Information Exposure Through an Error Message vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

  • CVE-2019-7846Jul 18, 2019
    risk 0.00cvss epss 0.03

    Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper error handling vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

  • CVE-2019-7847Jul 18, 2019
    risk 0.00cvss epss 0.03

    Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper Restriction of XML External Entity Reference ('XXE') vulnerability. Successful exploitation could lead to Arbitrary read access to the file system in the context of the current user.

  • CVE-2019-7848Jul 18, 2019
    risk 0.00cvss epss 0.03

    Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Inadequate access control vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.