exploitDog

GHSA-h3vw-j3r5-fjqq

Опубликовано: 05 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code

A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code

Ссылки

EPSS

Процентиль: 99%

0.88604

Высокий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2013-4211

CVSS3: 9.8

nvd

почти 6 лет назад

A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code

EPSS

Процентиль: 99%

0.88604

Высокий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94