Description
SQL injection vulnerability in www/delivery/axmlrpc.php (aka the XML-RPC delivery invocation script) in Revive Adserver before 3.0.2, and OpenX Source 2.8.11 and earlier, allows remote attackers to execute arbitrary SQL commands via the what parameter to an XML-RPC method.
Remediation
References
Related Vulnerabilities
Oracle Application Server Other Vulnerability (CVE-2007-0286)
TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-26228)
WordPress Plugin Double Opt-In for Download SQL Injection (2.0.9)
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-1000206)
WordPress 3.9.x Same Origin Method Execution (SOME) Vulnerability (3.9 - 3.9.11)