Description
Unspecified vulnerability in OpenX 2.8.1 and 2.8.2 allows remote attackers to bypass authentication and obtain access to an Administrator account via unknown vectors, possibly related to www/admin/install.php, www/admin/install-plugins.php, and other www/admin/ files.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/61300
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/37914
Patch, Vendor Advisory x_refsource_confirm
http://blog.openx.org/12/security-matters-2/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/37457
Patch x_refsource_misc
http://forum.openx.org/index.php?showtopic=503454011
Scores
EPSS
0.0234
EPSS Percentile
81.5%
Details
CWE
CWE-287
Status
published
Products (2)
openx/openx
2.8.1
openx/openx
2.8.2
Published
Apr 27, 2010
Tracked Since
Feb 18, 2026