CVE-2013-4211

Опубликовано: 14 фев. 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Высокий

Описание

A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code

Ссылки

http://www.exploit-db.com/exploits/27529
Exploit
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2013/08/07/2
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/61650
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/86259
Third Party Advisory
VDB Entry
https://packetstormsecurity.com/files/cve/CVE-2013-4211
Exploit
Third Party Advisory
VDB Entry
http://www.exploit-db.com/exploits/27529
Exploit
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2013/08/07/2
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/61650
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/86259
Third Party Advisory
VDB Entry
https://packetstormsecurity.com/files/cve/CVE-2013-4211
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openx:openx:2.8.10:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.88604

Высокий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-h3vw-j3r5-fjqq