Metasploit modules that can be used to exploit Openx products
-
OpenX Backdoor PHP Code Execution
Disclosure Date: 2013-08-07First seen: 2020-04-26exploit/multi/http/openx_backdoor_phpOpenX Ad Server version 2.8.10 was shipped with an obfuscated backdoor since at least November 2012 through August 2013. Exploitation is simple, requiring only a single request with a rot13'd and reversed payload. Authors: - egypt <egypt@metasploit.com> - Unknown -
OpenX banner-edit.php File Upload PHP Code Execution
Disclosure Date: 2009-11-24First seen: 2020-04-26exploit/unix/webapp/openx_banner_editThis module exploits a vulnerability in the OpenX advertising software. In versions prior to version 2.8.2, authenticated users can upload files with arbitrary extensions to be used as banner creative content. By uploading a file with a PHP extension, an attacker can execute arbitrary PHP code. NOTE: The file must also return either "png", "gif", or "jpeg" as its image type as returned from the PHP getimagesize() function. Authors: - jduck <jduck@metasploit.com>
2 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details