CVE-2014-2654

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
22/04/2014
Last modified:
12/04/2025

Description

Multiple SQL injection vulnerabilities in MobFox mAdserve 2.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) edit_ad_unit.php, (2) view_adunits.php, or (3) edit_campaign.php in www/cp/.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:mobfox:madserve:*:*:*:*:*:*:*:* 2.0 (including)