Severity: : High
  Advisory Date: 21 lipca 2015

  DESCRIPTION

SQL injection vulnerability in admin/campaign-zone-link.php in OpenX 2.8.10 before revision 81823 allows remote attackers to execute arbitrary SQL commands via the ids[] parameter in a link action.

  INFORMATION EXPOSURE

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1000608
  Trend Micro Deep Security DPI Rule Name: 1000608 - Generic SQL Injection Prevention

  AFFECTED SOFTWARE AND VERSION:

  • openx openx 2.8.10