FreeBSD : openx -- sql injection vulnerability (55616fda-a2d0-11dd-a9f9-0030843d3802)
High Nessus Plugin ID 34497
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
OpenX can be exploited by malicious people to conduct SQL injection attacks.
Input passed to the 'bannerid' parameter in www/delivery/ac.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
SolutionUpdate the affected package.