Lucene search
+L

82 matches found

Talos
Talos
added 2019/10/17 12:0 a.m.70 views

YouPHPTube /plugin/AD_Server/view/campaignsVideos.json.php id SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.4AI score0.01064EPSS
Exploits1
Krebs on Security
Krebs on Security
added 2019/03/13 8:56 p.m.55 views

Ad Network Sizmek Probes Account Breach

Online advertising firm Sizmek Inc. NASDAQ: SZMK says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers. In a recent posting to a Russian-language cybercrime forum, an...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/12/15 11:30 p.m.59 views

Exosrv.com, an ad server for adult sites, tops Malwarebytes detections

Update 12/18/2017: Upon review, we have decided to lift the block on those two ad servers. You can read ExoClick's comments below: At Exoclick we use large resources to ensure that the ads that we serve are clear, clean and issue free. Where malwares and other forms of malvertising are detected...

6.5AI score
Exploits0
exploitpack
exploitpack
added 2017/04/26 12:0 a.m.21 views

Revive Ad Server 4.0.1 - Cross-Site Scripting Cross-Site Request Forgery

Revive Ad Server 4.0.1 - Cross-Site Scripting Cross-Site Request Forgery --------------------------------------------------------------- Exploit Title: XSRF Stored Revive Ad Server 4.0.1 Date: 24/04/2017 Exploit Author: Cyril Vallicari / HTTPCS / ZIWIT Vendor Website :...

0.4AI score
Exploits0
0day.today
0day.today
added 2017/04/26 12:0 a.m.33 views

Revive Ad Server 4.0.1 - Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities

Exploit for php platform in category web applications --------------------------------------------------------------- Exploit Title: XSRF Stored Revive Ad Server 4.0.1 Date: 24/04/2017 Exploit Author: Cyril Vallicari / HTTPCS / ZIWIT Vendor Website : https://www.revive-adserver.com/ Software...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2017/04/26 12:0 a.m.51 views

Revive Ad Server 4.0.1 Cross Site Request Forgery / Cross Site Scripting

--------------------------------------------------------------- Exploit Title: XSRF Stored Revive Ad Server 4.0.1 Date: 24/04/2017 Exploit Author: Cyril Vallicari / HTTPCS / ZIWIT Vendor Website : https://www.revive-adserver.com/ Software download : https://www.revive-adserver.com/download/...

Exploits0
Exploit DB
Exploit DB
added 2017/04/26 12:0 a.m.35 views

Revive Ad Server 4.0.1 - Cross-Site Scripting / Cross-Site Request Forgery

--------------------------------------------------------------- Exploit Title: XSRF Stored Revive Ad Server 4.0.1 Date: 24/04/2017 Exploit Author: Cyril Vallicari / HTTPCS / ZIWIT Vendor Website : https://www.revive-adserver.com/ Software download : https://www.revive-adserver.com/download/...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/02/23 1:2 a.m.17 views

caravans.net Open Redirect vulnerability

Vulnerable URL: http://www.caravans.net/adserver/www/delivery/ck.php?oaparams=2bannerid=303zoneid=182cb=088428212eoadest=https://xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly...

6.9AI score
Exploits0
FireEye
FireEye
added 2015/11/04 1:0 p.m.16 views

iBackDoor: High-Risk Code Hits iOS Apps

Introduction FireEye mobile researchers recently discovered potentially “backdoored” versions of an ad library embedded in thousands of iOS apps originally published in the Apple App Store. The affected versions of this library embedded functionality in iOS apps that used the library to display...

0.8AI score
Exploits0
Prion
Prion
added 2015/07/02 2:59 p.m.11 views

Design/Logic Flaw

Cisco Digital Content Manager DCM 15.0.0 might allow remote ad servers to cause a denial of service reboot via malformed ad messages, aka Bug ID CSCur13999...

5.4CVSS7.1AI score0.00837EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.37 views

Inout Ad server Ultimate Shell Upload Vulnerabilty

No description provided by source. ============================================================== Inout Ad server Ultimate -- Shell upload Vulnerabilty ============================================================== Name : Inout Ad server Ultimate Shell upload Vulnerabilty Date : july 9,2010...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

OpenX Ad Server 2.8.7 Cross Site Request Forgery

No description provided by source. Secur-I Research Group Security Advisory ======================================================================= Title: OpenX Ad Server CSRF Vulnerability Product: OpenX Ad Server Vulnerable version: 2.8.7 and probably earlier versions Fixed version: N/A Impact:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.9 views

Orbit Open Ad Server 1.1.0 - SQL Injection

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

Multiple Ad Server Solutions Products 'logon_processing.jsp' SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/32782/info Multiple Ad Server Solutions products are prone to SQL-injection vulnerabilities because they fail to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allo...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/30 12:0 a.m.25 views

OpenX Source Unsupported Software Detection

OpenX Source, an open source ad server application is no longer maintained and is unsupported by the vendor. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. %NASLMINLEVEL 70300 C...

5.5AI score
Exploits0References2
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.64 views

SQL Injection in Orbit Open Ad Server

Advisory ID: HTB23208 Product: Orbit Open Ad Server Vendor: OrbitScripts, LLC Vulnerable Versions: 1.1.0 and probably prior Tested Version: 1.1.0 Advisory Publication: March 19, 2014 without technical details Vendor Notification: March 19, 2014 Vendor Patch: March 21, 2014 Public Disclosure: Apri...

7.5CVSS0.3AI score0.01314EPSS
Exploits5
NVD
NVD
added 2014/04/11 2:55 p.m.31 views

CVE-2014-2540

SQL injection vulnerability in OrbitScripts Orbit Open Ad Server before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the sitedirectorysortfield parameter to guest/sitedirectory...

7.5CVSS8.2AI score0.01314EPSS
Exploits5References4
Prion
Prion
added 2014/04/11 2:55 p.m.26 views

Sql injection

SQL injection vulnerability in OrbitScripts Orbit Open Ad Server before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the sitedirectorysortfield parameter to guest/sitedirectory...

7.5CVSS8.9AI score0.01314EPSS
Exploits5References4Affected Software1
Cvelist
Cvelist
added 2014/04/11 2:0 p.m.40 views

CVE-2014-2540

SQL injection vulnerability in OrbitScripts Orbit Open Ad Server before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the sitedirectorysortfield parameter to guest/sitedirectory...

8.2AI score0.01314EPSS
Exploits5References4
CVE
CVE
added 2014/04/11 2:0 p.m.58 views

CVE-2014-2540

CVE-2014-2540 describes a SQL Injection in Orbit Open Ad Server (OrbitScripts) via the site_directory_sort_field parameter in guest/site_directory. Affected: Orbit Open Ad Server 1.1.0 and probably earlier. Vulnerability type: CWE-89 SQL injection that can lead to arbitrary SQL execution. Root ca...

7.5CVSS8.4AI score0.01314EPSS
Exploits5References4Affected Software1
Rows per page
Query Builder