Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
revive-adserver revive adserver vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2016-9130
Revive Adserver prior to 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The website name wasn't properly escaped when displayed in the campaign-zone.php script.
Revive-adserver Revive Adserver
3.5
CVSSv2
CVE-2016-9472
Revive Adserver prior to 3.2.5 and 4.0.0 suffers from Reflected XSS. The Revive Adserver web installer scripts were vulnerable to a reflected XSS attack via the dbHost, dbUser, and possibly other parameters. It has to be noted that the window for such attack vectors to be possibl...
Revive-adserver Revive Adserver 4.0.0
Revive-adserver Revive Adserver
3.5
CVSSv2
CVE-2016-9454
Revive Adserver prior to 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The banner image URL for external banners wasn't properly escaped when displayed in most of...
Revive-adserver Revive Adserver
3.5
CVSSv2
CVE-2016-9457
Revive Adserver prior to 3.2.3 suffers from Reflected XSS. `www/admin/stats.php` is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed, such as setPerPage, pageId, bannerid, period_start, period_end, and possibly ...
Revive-adserver Revive Adserver
3.5
CVSSv2
CVE-2017-5832
Cross-site scripting (XSS) vulnerability in Revive Adserver prior to 4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via the user's email address.
Revive-adserver Revive Adserver
2.1
CVSSv2
CVE-2016-9471
Revive Adserver prior to 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't properly sanitised when creating users on a Revive Adserver instance. Especially, control characters were not filtered, allowing apparently identical usernames to co-exist in t...
Revive-adserver Revive Adserver 4.0.0
Revive-adserver Revive Adserver
2.1
CVSSv2
CVE-2015-7368
Revive Adserver prior to 3.2.2 does not send the appropriate Cache-Control HTTP headers in responses for admin UI pages, which allows local users to obtain sensitive information via the web browser cache.
Revive-adserver Revive Adserver
NA
CVE-2023-38040
A reflected XSS vulnerability exists in Revive Adserver 5.4.1 and previous versions versions..
Revive-adserver Revive Adserver
NA
CVE-2023-26756
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. NOTE: The vendor's position is that this is effectively mitigated by rate limits and password-quality features.
Revive Adserver 5.4.1
NA
CVE-2014-87931
Revive Adserver version 3.0.5 suffers from a cross site scripting vulnerability.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5