Openx@2.8.7 Security Vulnerabilities and Issues — Openx@2.8.7 CVE List

Lucene search

OpenxOpenx2.8.7

3 matches found

cve•added 2014/05/14 7:55 p.m.•51 views

CVE-2013-3514

Multiple directory traversal vulnerabilities in OpenX before 2.8.10 revision 82710 allow remote administrators to read arbitrary files via a .. (dot dot) in the group parameter to (1) plugin-preferences.php or (2) plugin-settings.php in www/admin, a different vulnerability than CVE-2013-7376. NOTE:...

4.3CVSS6.9AI score0.08264EPSS

cve•added 2014/10/23 2:55 p.m.•40 views

CVE-2014-2230

Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) dest parameter to adclick.php or (2) _maxdest parameter to ck.php.

5.8CVSS6.9AI score0.00359EPSS

cve•added 2014/04/25 2:15 p.m.•37 views

CVE-2013-5954

Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.11 and earlier allow remote attackers to hijack the authentication of administrators for requests that delete (1) users via admin/agency-user-unlink.php, (2) advertisers via admin/advertiser-delete.php, (3) banners via admin/ba...

6.8CVSS7.3AI score0.05906EPSS