Zero-day Vulnerability Database

Zero-day vulnerabilities discovered: 2

SQL Injection in OpenX Source Revive Adserver
CVE-2013-7149

SQL injection

The vulnerability allows a remote attacker to execute arbitrary SQL commands in the vulnerable application.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted HTTP request to the XML-RPC script using the "what" parameter and view, add, modify or delete information in the back-end database.

Successful exploitation may allow an attacker to gain unauthorized access to the vulnerable system.

Note: this vulnerability was being actively exploited.

The vulnerability was discovered and reported to the Revive Adserver team by Florian Sander.

The vulnerability is considered to be connected with attacks on the web site centralpark[.]com and the high-traffic site clipconverter[.]cc.

Software: Revive Adserver

PHP code execution in OpenX Revive Adserver
CVE-2013-4211

Arbitrary PHP code execution

The vulnerability allows a remote attacker to execute arbitrary PHP code on the target system.

The weakness exists due to a compromise of the source code package. A remote attacker can create a specially crafted request carrying a ROT13-encoded and reversed payload and send it to the target system to execute arbitrary PHP code.

Successful exploitation of the vulnerability results in arbitrary PHP code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

The vulnerability was exploited from November 2012 until August 2013.

Software: Revive Adserver