2 matches found
CVE-2014-2654
MobFox mAdserve 2.0 and earlier is affected by CVE-2014-2654 due to insufficient sanitization of the id parameter in PHP scripts (edit_ad_unit.php, view_adunits.php, edit_campaign.php). The vulnerability allows a remote authenticated attacker to inject and execute arbitrary SQL commands against t...
MobFox mAdserver 2.0 SQL Injection
Advisory ID: HTB23209 Product: mAdserve Vendor: MobFox Vulnerable Versions: 2.0 and probably prior Tested Version: 2.0 Advisory Publication: March 26, 2014 without technical details Vendor Notification: March 26, 2014 Public Disclosure: April 16, 2014 Vulnerability Type: SQL Injection CWE-89 CVE...