7 matches found
EUVD-2012-4914
Malware in sbrugna...
EUVD-2014-2270
Malware in sbrugna...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in OpenX 2.8.10, possibly before revision 82710, allow remote attackers to hijack the authentication of administrators, as demonstrated by requests that conduct directory traversal attacks via the group parameter to 1 plugin-preferences.php...
CVE-2012-4990
SQL injection vulnerability in admin/campaign-zone-link.php in OpenX 2.8.10 before revision 81823 allows remote attackers to execute arbitrary SQL commands via the ids parameter in a link action...
CVE-2012-4989
Cross-site scripting XSS vulnerability in admin/plugin-index.php in OpenX 2.8.10 before revision 81823 allows remote attackers to inject arbitrary web script or HTML via the parent parameter in an info action...
Sql injection
SQL injection vulnerability in admin/campaign-zone-link.php in OpenX 2.8.10 before revision 81823 allows remote attackers to execute arbitrary SQL commands via the ids parameter in a link action...
CVE-2012-4989
OpenX 2.8.10 and earlier versions are vulnerable to a Cross‑Site Scripting (XSS) in admin/plugin-index.php via the parent parameter in the info action (CVE-2012-4989). The root cause is unsanitized input returned to the administrator’s browser. Vendor fixed it in SVN revision 81823 (solution file...