Openx · Openx Adserver · CVE-2013-4211
Name of the Vulnerable Software and Affected Versions:
OpenX Ad Server version 2.8.10
Description:
A code execution issue exists due to a backdoor in the flowplayer-3.1.1.min.js library, potentially allowing a remote malicious user to execute arbitrary PHP code.
Recommendations:
For OpenX Ad Server version 2.8.10, consider removing or disabling the flowplayer-3.1.1.min.js library to prevent exploitation until a patch is available.