Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
revive-adserver revive adserver vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2016-9455
Revive Adserver prior to 3.2.3 suffers from Cross-Site Request Forgery (CSRF). A number of scripts in Revive Adserver's user interface are vulnerable to CSRF attacks: `www/admin/banner-acl.php`, `www/admin/banner-activate.php`, `www/admin/banner-advanced.php`, `www/admin/ban...
Revive-adserver Revive Adserver
8.8
CVSSv3
CVE-2016-9456
Revive Adserver prior to 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The Revive Adserver team conducted a security audit of the admin interface scripts in order to identify and fix other potential CSRF vulnerabilities. Over 20+ such issues were fixed.
Revive-adserver Revive Adserver
5.4
CVSSv3
CVE-2016-9457
Revive Adserver prior to 3.2.3 suffers from Reflected XSS. `www/admin/stats.php` is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed, such as setPerPage, pageId, bannerid, period_start, period_end, and possibly ...
Revive-adserver Revive Adserver
6.1
CVSSv3
CVE-2021-22874
Revive Adserver prior to 5.1.1 is vulnerable to a reflected XSS vulnerability in userlog-index.php via the `period_preset` parameter.
Revive-adserver Revive Adserver
6.8
CVSSv3
CVE-2020-8142
A security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user hoangn144. Revive Adserver, like many other applications, requires the logged in user to type the current password in order to change the e-mail address or the ...
Revive-adserver Revive Adserver
6.1
CVSSv3
CVE-2020-8143
An Open Redirect vulnerability exists in Revive Adserver version < 5.0.5 and reported by HackerOne user hoangn144. A remote attacker could trick logged-in users to open a specifically crafted link and have them redirected to any destination.The CSRF protection of the “/w...
Revive-adserver Revive Adserver
9.8
CVSSv3
CVE-2019-5434
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploi...
Revive-sas Revive Adserver
1 EDB exploit
7.5
CVSSv3
CVE-2023-26756
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks.
Revive Adserver 5.4.1
NA
CVE-2013-5954
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.11 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that delete (1) users via admin/agency-user-unlink.php, (2) advertisers via admin/advertiser-d...
Revive-adserver Revive Adserver
Openx Openx 2.8.1
Openx Openx 2.8.10
Openx Openx 2.8.8
Openx Openx 2.8.7
Openx Openx 2.8.3
Openx Openx 2.8.4
Openx Openx 2.8.9
Openx Openx
Openx Openx 2.8.2
Openx Openx 2.8.6
Openx Openx 2.8
Openx Openx 2.8.5
1 EDB exploit
NA
CVE-2014-87931
Revive Adserver version 3.0.5 suffers from a cross site scripting vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5