CVE-2009-4830

Openx - Authentication Bypass

Title source: rule

Description

Unspecified vulnerability in OpenX 2.8.1 and 2.8.2 allows remote attackers to bypass authentication and obtain access to an Administrator account via unknown vectors, possibly related to www/admin/install.php, www/admin/install-plugins.php, and other www/admin/ files.

References (5)

[Patch, Vendor Advisory] http://blog.openx.org/12/security-matters-2/

[Patch] http://forum.openx.org/index.php?showtopic=503454011

[Vendor Advisory] http://secunia.com/advisories/37914

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/37457

[Third Party Advisory, VDB Entry] http://osvdb.org/61300

Scores

EPSS 0.0054

EPSS Percentile 67.2%

Classification

CWE

CWE-287

Status draft

Affected Products (2)

openx/openx

Timeline

Published Apr 27, 2010

Tracked Since Feb 18, 2026