EUVD-2014-2686

Malware in sbrugna...

SQL Injection in mAdserve

Advisory ID: HTB23209 Product: mAdserve Vendor: MobFox Vulnerable Versions: 2.0 and probably prior Tested Version: 2.0 Advisory Publication: March 26, 2014 without technical details Vendor Notification: March 26, 2014 Public Disclosure: April 16, 2014 Vulnerability Type: SQL Injection CWE-89 CVE...

Sql injection

Multiple SQL injection vulnerabilities in MobFox mAdserve 2.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the id parameter to 1 editadunit.php, 2 viewadunits.php, or 3 editcampaign.php in www/cp/...

CVE-2014-2654

MobFox mAdserve 2.0 and earlier is affected by CVE-2014-2654 due to insufficient sanitization of the id parameter in PHP scripts (edit_ad_unit.php, view_adunits.php, edit_campaign.php). The vulnerability allows a remote authenticated attacker to inject and execute arbitrary SQL commands against t...

CVE-2014-2654

Multiple SQL injection vulnerabilities in MobFox mAdserve 2.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the id parameter to 1 editadunit.php, 2 viewadunits.php, or 3 editcampaign.php in www/cp/...

MobFox mAdserver 2.0 SQL Injection

Advisory ID: HTB23209 Product: mAdserve Vendor: MobFox Vulnerable Versions: 2.0 and probably prior Tested Version: 2.0 Advisory Publication: March 26, 2014 without technical details Vendor Notification: March 26, 2014 Public Disclosure: April 16, 2014 Vulnerability Type: SQL Injection CWE-89 CVE...

MobFox mAdserve SQL注入漏洞

Bugtraq ID:66661 MobFox mAdserve是一款基于WEB的广告服务应用。 MobFox mAdserve存在一个SQL注入漏洞，允许远程攻击者利用漏洞提交特制的SQL查询，操作或获取数据库数据。 0 MobFox mAdserve 2.0 目前没有详细解决方案： http://www.madserve.org/...

SQL Injection in mAdserve

High-Tech Bridge Security Research Lab discovered multiple SQL injection vulnerabilities in mAdserve, which can be exploited to execute arbitrary SQL commands in application’s database and compromise vulnerable website. 1 SQL Injection in mAdserve: CVE-2014-2654 1.1 The vulnerability exists due t...