OpenX 'flowplayer-3.1.1.min.js' Backdoor Vulnerability Network Vulnerability

Summary

OpenX is prone to a backdoor vulnerability.

Impact

Attackers can exploit this issue to execute arbitrary code in the context of the application. Successful attacks will compromise the affected application. Impact Level: Application

Solution

Updates are available.

Insight

The security issue is caused due to the distribution of a compromised OpenX Source source code package containing a backdoor.

Affected

OpenX 2.8.10 is vulnerable other versions may also be affected.

Detection

It was possible to execute 'phpinfo()' by sending a special crafted POST request

References

http://www.securityfocus.com/bid/61650

Updated on 2017-03-28

Severity

Classification

CVE CVE-2013-4211

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Assesi 'bg' Parameter SQL Injection vulnerability
'research_display.php' SQL Injection Vulnerability
4Images <= 1.7.1 Directory Traversal Vulnerability
ArticleSetup Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
Apache Tomcat Windows Installer Privilege Escalation Vulnerability

Take action and discover your vulnerabilities