Which means that if you are running OpenX, make sure to update to the latest version, which was issued just now. The latest download can be found here.
We posted an advisory detailing some well-hidden SQL injection vulnerabilities, as well as XSS, the possibility of arbitrary file deletion, and CRLF injection. Additionally, we made a video available (below) on your favorite video sharing site explaining how we were able to identify the flaws by making use of Acunetix AcuSensor (not much skill involved there), analyze the flaws and eventually develop some code to exploit one of the blind SQL injection vulnerabilities. This exploit is not publicly available, but interested organizations can contact info@enablesecurity.com for further details.
Filed under: Research, Site news
Tags: blind sql, openx, sql injection, sqli, web application security
No Responses Yet to “Multiple vulnerabilities in OpenX 2.6.4 and older”