Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openx openx 2.8.10 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-7376
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.10, possibly before revision 82710, allow remote malicious users to hijack the authentication of administrators, as demonstrated by requests that conduct directory traversal attacks via the group parameter to...
Openx Openx 2.8.10
1 EDB exploit
9.8
CVSSv3
CVE-2013-4211
A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code
Openx Openx 2.8.10
1 EDB exploit
NA
CVE-2012-4989
Cross-site scripting (XSS) vulnerability in admin/plugin-index.php in OpenX 2.8.10 before revision 81823 allows remote malicious users to inject arbitrary web script or HTML via the parent parameter in an info action.
Openx Openx 2.8.10
1 EDB exploit
NA
CVE-2012-4990
SQL injection vulnerability in admin/campaign-zone-link.php in OpenX 2.8.10 before revision 81823 allows remote malicious users to execute arbitrary SQL commands via the ids[] parameter in a link action.
Openx Openx 2.8.10
NA
CVE-2013-5954
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.11 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that delete (1) users via admin/agency-user-unlink.php, (2) advertisers via admin/advertiser-d...
Revive-adserver Revive Adserver
Openx Openx 2.8.1
Openx Openx 2.8.10
Openx Openx 2.8.8
Openx Openx 2.8.7
Openx Openx 2.8.3
Openx Openx 2.8.4
Openx Openx 2.8.9
Openx Openx
Openx Openx 2.8.2
Openx Openx 2.8.6
Openx Openx 2.8
Openx Openx 2.8.5
1 EDB exploit
NA
CVE-2013-3514
Multiple directory traversal vulnerabilities in OpenX prior to 2.8.10 revision 82710 allow remote administrators to read arbitrary files via a .. (dot dot) in the group parameter to (1) plugin-preferences.php or (2) plugin-settings.php in www/admin, a different vulnerability than...
Openx Openx 2.8.4
Openx Openx 2.8.3
Openx Openx 2.8.2
Openx Openx
Openx Openx 2.4.6
Openx Openx 2.4.5
Openx Openx 2.4.4
Openx Openx 2.4.11
Openx Openx 2.6.4
Openx Openx 2.6.3
Openx Openx 2.6.2
Openx Openx 2.6.1
Openx Openx 2.8.9
Openx Openx 2.8.7
Openx Openx 2.8.5
Openx Openx 2.8.1
Openx Openx 2.7.29
Openx Openx 2.4.9
Openx Openx 2.4.7
Openx Openx 2.4.10
Openx Openx 2.8.8
Openx Openx 2.8.6
1 EDB exploit
NA
CVE-2013-3515
Multiple cross-site scripting (XSS) vulnerabilities in OpenX Source 2.8.10 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) package parameter to www/admin/plugin-index.php or the (2) group parameter to www/admin/plugin-settings...
Openx Openx
Openx Openx 2.8
Openx Openx 2.4.9
Openx Openx 2.4.8
Openx Openx 2.6.4
Openx Openx 2.7.29
Openx Openx 2.6.3
Openx Openx 2.4.4
Openx Openx 2.6.1
Openx Openx 2.6.2
Openx Openx 2.8.2
Openx Openx 2.8.3
Openx Openx 2.8.1
Openx Openx 2.4
Openx Openx 2.4.11
Openx Openx 2.4.10
Openx Openx 2.8.4
Openx Openx 2.8.5
Openx Openx 2.4.5
Openx Openx 2.4.6
Openx Openx 2.4.7
Openx Openx 2.6.0
1 EDB exploit
NA
CVE-2013-7149
SQL injection vulnerability in www/delivery/axmlrpc.php (aka the XML-RPC delivery invocation script) in Revive Adserver prior to 3.0.2, and OpenX Source 2.8.11 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the what parameter to an XML-...
Openx Openx 2.8.10
Openx Openx
Revive-adserver Revive Adserver
Revive-adserver Revive Adserver 3.0.0
NA
CVE-2014-2230
Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and previous versions allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) dest parameter to adclick.php or (2) _maxdest parameter...
Openx Openx
Openx Openx 2.8.2
Openx Openx 2.8.1
Openx Openx 2.8
Openx Openx 2.8.3
Openx Openx 2.8.4
Openx Openx 2.8.5
Openx Openx 2.8.6
Openx Openx 2.8.7
Openx Openx 2.8.8
Openx Openx 2.8.9
NA
CVE-2013-35152
OpenX version 2.8.10 suffers from cross site scripting and local file inclusion vulnerabilities.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started