CVE-2012-4990

Опубликовано: 22 окт. 2012

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in admin/campaign-zone-link.php in OpenX 2.8.10 before revision 81823 allows remote attackers to execute arbitrary SQL commands via the ids[] parameter in a link action.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2012-10/0065.html
Exploit
http://osvdb.org/86093
http://secunia.com/advisories/50877
Vendor Advisory
http://www.securityfocus.com/bid/55860
https://exchange.xforce.ibmcloud.com/vulnerabilities/79199
https://svn.openx.org/openx/trunk/www/admin/campaign-zone-link.php
https://www.htbridge.com/advisory/HTB23116
Exploit
http://archives.neohapsis.com/archives/bugtraq/2012-10/0065.html
Exploit
http://osvdb.org/86093
http://secunia.com/advisories/50877
Vendor Advisory
http://www.securityfocus.com/bid/55860
https://exchange.xforce.ibmcloud.com/vulnerabilities/79199
https://svn.openx.org/openx/trunk/www/admin/campaign-zone-link.php
https://www.htbridge.com/advisory/HTB23116
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openx:openx:2.8.10:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00763

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-g4qh-86wp-5m5f

github

больше 3 лет назад