Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
revive-adserver revive adserver vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2016-9130
Revive Adserver prior to 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The website name wasn't properly escaped when displayed in the campaign-zone.php script.
Revive-adserver Revive Adserver
668
VMScore
CVE-2016-9125
Revive Adserver prior to 3.2.3 suffers from session fixation, by allowing arbitrary session identifiers to be forced and, at the same time, by not invalidating the existing session upon a successful authentication. Under some circumstances, that could have been an opportunity for...
Revive-adserver Revive Adserver
383
VMScore
CVE-2015-7365
Cross-site scripting (XSS) vulnerability in the plugin upgrade form in Revive Adserver prior to 3.2.2 allows remote malicious users to inject arbitrary web script or HTML via the filename of an uploaded file containing errors.
Revive-adserver Revive Adserver
187
VMScore
CVE-2015-7368
Revive Adserver prior to 3.2.2 does not send the appropriate Cache-Control HTTP headers in responses for admin UI pages, which allows local users to obtain sensitive information via the web browser cache.
Revive-adserver Revive Adserver
383
VMScore
CVE-2015-7370
Multiple cross-site scripting (XSS) vulnerabilities in open-flash-chart.swf in Open Flash Chart 2, as used in the VideoAds plugin in Revive Adserver prior to 3.2.2 and CA Release Automation (formerly LISA Release Automation) 5.0.2 prior to 5.0.2-227, 5.5.1 prior to 5.5.1-1616, 5....
Revive-adserver Revive Adserver
668
VMScore
CVE-2015-7372
Directory traversal vulnerability in delivery-dev/al.php in Revive Adserver prior to 3.2.2 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the layerstyle parameter.
Revive-adserver Revive Adserver
755
VMScore
CVE-2019-5434
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploi...
Revive-sas Revive Adserver
1 EDB exploit
NA
CVE-2023-26756
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. NOTE: The vendor's position is that this is effectively mitigated by rate limits and password-quality features.
Revive Adserver 5.4.1
685
VMScore
CVE-2013-5954
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.11 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that delete (1) users via admin/agency-user-unlink.php, (2) advertisers via admin/advertiser-d...
Revive-adserver Revive Adserver
Openx Openx 2.8.1
Openx Openx 2.8.10
Openx Openx 2.8.8
Openx Openx 2.8.7
Openx Openx 2.8.3
Openx Openx 2.8.4
Openx Openx 2.8.9
Openx Openx
Openx Openx 2.8.2
Openx Openx 2.8.6
Openx Openx 2.8
Openx Openx 2.8.5
1 EDB exploit
NA
CVE-2014-87931
Revive Adserver version 3.0.5 suffers from a cross site scripting vulnerability.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5