2 matches found
PT-2026-52649
Bypass to the fix for CVE-2026-34916. Variants of such vectors have been also reported by phucrio and offsetmd. The fix can be bypassed either by sending a disallowed but otherwise valid plugin identifier as type, or using the ox.setChannelTargeting XML-RPC API method...
Revive Adserver: PHP code injection in delivery-limitation `logical` validation bypass - XML-RPC setChannelTargeting
Vulnerability description not provided...