CVE-2014-2654 Information

Feb 14, 2021 cve

Description

Multiple SQL injection vulnerabilities in MobFox mAdserve 2.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) edit_ad_unit.php (2) view_adunits.php or (3) edit_campaign.php in www/cp/.

Reference

http://secunia.com/advisories/58003 http://www.securityfocus.com/archive/1/531848/100/0/threaded http://www.securityfocus.com/bid/66661 https://exchange.xforce.ibmcloud.com/vulnerabilities/92545 https://www.htbridge.com/advisory/HTB23209

Share on: