Metasploit modules that can be used to exploit Openx products

Order by Disclosure Date Module Name Module Type
  • OpenX Backdoor PHP Code Execution
    Disclosure Date: 2013-08-07
    First seen: 2020-04-26
    exploit/multi/http/openx_backdoor_php
    OpenX Ad Server version 2.8.10 was shipped with an obfuscated backdoor since at least November 2012 through August 2013. Exploitation is simple, requiring only a single request with a rot13'd and reversed payload. Authors: - egypt <egypt@metasploit.com> - Unknown
  • OpenX banner-edit.php File Upload PHP Code Execution
    Disclosure Date: 2009-11-24
    First seen: 2020-04-26
    exploit/unix/webapp/openx_banner_edit
    This module exploits a vulnerability in the OpenX advertising software. In versions prior to version 2.8.2, authenticated users can upload files with arbitrary extensions to be used as banner creative content. By uploading a file with a PHP extension, an attacker can execute arbitrary PHP code. NOTE: The file must also return either "png", "gif", or "jpeg" as its image type as returned from the PHP getimagesize() function. Authors: - jduck <jduck@metasploit.com>
2 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers. Visit metasploit web site for more details
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close