Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openx openx vulnerabilities and exploits
(subscribe to this query)
760
VMScore
CVE-2009-0291
Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the MAX_type parameter.
Openx Openx 2.6.3
2 EDB exploits
755
VMScore
CVE-2013-4211
A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code
Openx Openx 2.8.10
1 EDB exploit
755
VMScore
CVE-2008-6163
SQL injection vulnerability in www/delivery/ac.php in OpenX 2.6.1 allows remote malicious users to execute arbitrary SQL commands via the bannerid parameter.
Openx Openx 2.6.1
1 EDB exploit
685
VMScore
CVE-2013-7376
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.10, possibly before revision 82710, allow remote malicious users to hijack the authentication of administrators, as demonstrated by requests that conduct directory traversal attacks via the group parameter to...
Openx Openx 2.8.10
1 EDB exploit
685
VMScore
CVE-2013-5954
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.11 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that delete (1) users via admin/agency-user-unlink.php, (2) advertisers via admin/advertiser-d...
Revive-adserver Revive Adserver
Openx Openx 2.8.1
Openx Openx 2.8.10
Openx Openx 2.8.8
Openx Openx 2.8.7
Openx Openx 2.8.3
Openx Openx 2.8.4
Openx Openx 2.8.9
Openx Openx
Openx Openx 2.8.2
Openx Openx 2.8.6
Openx Openx 2.8
Openx Openx 2.8.5
1 EDB exploit
668
VMScore
CVE-2013-7149
SQL injection vulnerability in www/delivery/axmlrpc.php (aka the XML-RPC delivery invocation script) in Revive Adserver prior to 3.0.2, and OpenX Source 2.8.11 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the what parameter to an XML-...
Openx Openx 2.8.10
Openx Openx
Revive-adserver Revive Adserver
Revive-adserver Revive Adserver 3.0.0
668
VMScore
CVE-2012-4990
SQL injection vulnerability in admin/campaign-zone-link.php in OpenX 2.8.10 before revision 81823 allows remote malicious users to execute arbitrary SQL commands via the ids[] parameter in a link action.
Openx Openx 2.8.10
668
VMScore
CVE-2009-4830
Unspecified vulnerability in OpenX 2.8.1 and 2.8.2 allows remote malicious users to bypass authentication and obtain access to an Administrator account via unknown vectors, possibly related to www/admin/install.php, www/admin/install-plugins.php, and other www/admin/ files.
Openx Openx 2.8.1
Openx Openx 2.8.2
605
VMScore
CVE-2009-4098
Unrestricted file upload vulnerability in banner-edit.php in OpenX adserver 2.8.1 and previous versions allows remote authenticated users with banner / file upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a dire...
Openx Openx 2.4
Openx Openx 2.6.1
Openx Openx 2.6.3
Openx Openx
Openx Openx 2.8
1 EDB exploit
516
VMScore
CVE-2014-2230
Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and previous versions allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) dest parameter to adclick.php or (2) _maxdest parameter...
Openx Openx
Openx Openx 2.8.2
Openx Openx 2.8.1
Openx Openx 2.8
Openx Openx 2.8.3
Openx Openx 2.8.4
Openx Openx 2.8.5
Openx Openx 2.8.6
Openx Openx 2.8.7
Openx Openx 2.8.8
Openx Openx 2.8.9
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »