SQL injection vulnerability in www/delivery/ac.php in OpenX 2.6.1 allows remote malicious users to execute arbitrary SQL commands via the bannerid parameter.
openx openx 2.6.1