Lucene search
K

709 matches found

Cvelist
Cvelist
added 2019/05/06 4:51 p.m.18 views

CVE-2019-5433

A user having access to the UI of a Revive Adserver instance could be tricked into clicking on a specifically crafted admin account-switch.php URL that would eventually lead them to another unsafe domain, potentially used for stealing credentials or other phishing attacks. This vulnerability was...

5.4AI score0.01675EPSS
Exploits1References2
CVE
CVE
added 2019/05/06 4:51 p.m.49 views

CVE-2019-5433

CVE-2019-5433 describes an open redirect in Revive Adserver’s admin/account-switch.php. A user with UI access could be tricked by a crafted return_url parameter into visiting an external, potentially phishing, domain, enabling credential theft or similar abuse. The issue arises from unrestricted ...

5.8CVSS5.3AI score0.01675EPSS
Exploits1References2Affected Software1
ThreatPost
ThreatPost
added 2019/05/01 10:2 p.m.47 views

Ad Server Patched to Stop Possible Malware Distribution

UPDATE The open-source advertising platform Revive Adserver is urging customers to patch two vulnerabilities, one of which is critical and may have been exploited to allow hackers to deliver malware to third-party websites. Revive Adserver, formerly known as OpenX Source, is a free, open-source a...

0.8AI score
Exploits0References5
Hacker One
Hacker One
added 2019/03/19 2:41 p.m.18 views

Revive Adserver: Deserialization of Untrusted Data in www/delivery/adxmlrpc.php

An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize call on the "what" parameter in the "openads.spc" RPC method. Impact Such vulnerability could be used to perform various types of attacks, e.g. exploit serialize-related PHP...

2.4AI score
Exploits0
Packet Storm
Packet Storm
added 2017/09/14 12:0 a.m.24 views

Adserver Script 5.6 SQL Injection

Exploit Title: Adserver Script 5.6 - SQL Injection Dork: N/A Date: 14.09.2017 Vendor Homepage: https://www.goterhosting.com/ Software Link: https://www.goterhosting.com/adserverscript.php Demo: http://adserverscript.gvmhosting.com/ Version: 5.6 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CV...

Exploits0
exploitpack
exploitpack
added 2017/09/14 12:0 a.m.15 views

Adserver Script 5.6 - SQL Injection

Adserver Script 5.6 - SQL Injection Exploit Title: Adserver Script 5.6 - SQL Injection Dork: N/A Date: 14.09.2017 Vendor Homepage: https://www.goterhosting.com/ Software Link: https://www.goterhosting.com/adserverscript.php Demo: http://adserverscript.gvmhosting.com/ Version: 5.6 Category: Webapp...

Exploits0
Exploit DB
Exploit DB
added 2017/09/14 12:0 a.m.18 views

Adserver Script 5.6 - SQL Injection

Exploit Title: Adserver Script 5.6 - SQL Injection Dork: N/A Date: 14.09.2017 Vendor Homepage: https://www.goterhosting.com/ Software Link: https://www.goterhosting.com/adserverscript.php Demo: http://adserverscript.gvmhosting.com/ Version: 5.6 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CV...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/07/05 1:31 p.m.14 views

hanploi.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-259977 Description| Value ---|--- Affected Website:| hanploi.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

6.7AI score
Exploits0
CNVD
CNVD
added 2017/03/31 12:0 a.m.2 views

Revive Adserver Overauthentication Attempts Improper Restriction Vulnerability

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A security vulnerability exists in the login page of Revive Adserver versions prior to 3.2.3. An attacker can...

9.8CVSS6.8AI score0.0223EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/31 12:0 a.m.1 views

Revive Adserver Cross-Site Request Forgery Vulnerability (CNVD-2017-04903)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A cross-site request forgery vulnerability exists in the password recovery form in Revive Adserver versions...

8.8CVSS8.8AI score0.00762EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/31 12:0 a.m.2 views

Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2017-04899)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A cross-site scripting vulnerability exists in Revive Adserver. A remote attacker can exploit this vulnerabili...

5.4CVSS5.5AI score0.01446EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/31 12:0 a.m.2 views

Revive Adserver Session Fixation Vulnerability

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A security vulnerability exists in Revive Adserver versions prior to 3.2.3. An attacker can exploit the...

9.8CVSS9.2AI score0.02656EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.1 views

Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2017-05629)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. Revive Adserver has a cross-site scripting vulnerability. Attackers can use the dbHost or dbUser parameter to...

5.4CVSS5.5AI score0.01638EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.1 views

Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2017-04607)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A cross-site scripting vulnerability exists in the affiliate-preview.php file in www/admin in versions prior t...

5.4CVSS6.2AI score0.01604EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.1 views

Revive Adserver Cross-Site Request Forgery Vulnerability (CNVD-2017-04902)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A cross-site request forgery vulnerability exists in Revive Adserver. A remote attacker can exploit this...

8.8CVSS7AI score0.00801EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.2 views

Revive Adserver Cross-Site Request Forgery Vulnerability (CNVD-2017-04901)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A cross-site request forgery vulnerability exists in Revive Adserver. A remote attacker can exploit this...

8.8CVSS7AI score0.00517EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.1 views

Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2017-05165)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A cross-site scripting vulnerability exists in Revive Adserver. A remote attacker can exploit this vulnerabili...

5.4CVSS6.3AI score0.00873EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.1 views

Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2017-04904)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A cross-site scripting vulnerability exists in Revive Adserver. A remote attacker can exploit this vulnerabili...

5.4CVSS6.3AI score0.01102EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.1 views

Revive Adserver Elevation of Privilege Vulnerability (CNVD-2017-05631)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A security vulnerability exists in the www/delivery/asyncspc.php file in Revive Adserver. An attacker can...

9.3CVSS9AI score0.02097EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.2 views

Revive Adserver Elevation of Privilege Vulnerability

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A security vulnerability exists in Revive Adserver versions prior to 3.2.5 and 4.0.0, which stems from the...

3.1CVSS5AI score0.01367EPSS
Exploits0References1
Rows per page
Query Builder