Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
revive-adserver revive adserver vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-7371
Revive Adserver prior to 3.2.2 does not restrict access to run-mpe.php, which allows remote malicious users to run the Maintenance Priority Engine and possibly cause a denial of service (resource consumption) via a direct request.
Revive-adserver Revive Adserver
NA
CVE-2015-7372
Directory traversal vulnerability in delivery-dev/al.php in Revive Adserver prior to 3.2.2 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the layerstyle parameter.
Revive-adserver Revive Adserver
4.8
CVSSv3
CVE-2021-22871
Revive Adserver prior to 5.1.0 permits any user with a manager account to store possibly malicious content in the URL website property, which is then displayed unsanitized in the affiliate-preview.php tag generation screen, leading to a persistent cross-site scripting (XSS) vulne...
Revive-adserver Revive Adserver
6.1
CVSSv3
CVE-2021-22872
Revive Adserver prior to 5.1.0 is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the publicly accessible afr.php delivery script. While this issue was previously addressed in modern browsers as CVE-2020-8115, some older browsers (e.g., IE10) that do not au...
Revive-adserver Revive Adserver
6.1
CVSSv3
CVE-2021-22873
Revive Adserver prior to 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been available by design to allow third party ad servers to track such metrics when deliv...
Revive-adserver Revive Adserver
1 Github repository
6.1
CVSSv3
CVE-2021-22874
Revive Adserver prior to 5.1.1 is vulnerable to a reflected XSS vulnerability in userlog-index.php via the `period_preset` parameter.
Revive-adserver Revive Adserver
6.1
CVSSv3
CVE-2021-22875
Revive Adserver prior to 5.1.1 is vulnerable to a reflected XSS vulnerability in stats.php via the `setPerPage` parameter.
Revive-adserver Revive Adserver
6.1
CVSSv3
CVE-2021-22888
Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the `status` parameter of campaign-zone-zones.php. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking on a specifically crafted URL and execut...
Revive-adserver Revive Adserver
6.1
CVSSv3
CVE-2021-22889
Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the `statsBreakdown` parameter of stats.php (and possibly other scripts) due to single quotes not being escaped. An attacker could trick a user with access to the user interface of a Revive Adserver i...
Revive-adserver Revive Adserver
6.1
CVSSv3
CVE-2020-8115
A reflected XSS vulnerability has been discovered in the publicly accessible afr.php delivery script of Revive Adserver <= 5.0.3 by Jacopo Tediosi. There are currently no known exploits: the session identifier cannot be accessed as it is stored in an http-only cookie as of v3....
Revive-adserver Revive Adserver
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »