709 matches found
Revive Adserver Cross-Site Request Forgery Vulnerability (CNVD-2017-04902)
Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A cross-site request forgery vulnerability exists in Revive Adserver. A remote attacker can exploit this...
Revive Adserver Elevation of Privilege Vulnerability
Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A security vulnerability exists in Revive Adserver versions prior to 3.2.5 and 4.0.0, which stems from the...
CVE-2016-9471
Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't properly sanitised when creating users on a Revive Adserver instance. Especially, control characters were not filtered, allowing apparently identical usernames to co-exist in the system, due to the fa...
CVE-2016-9470
Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected File Download. www/delivery/asyncspc.php was vulnerable to the fairly new Reflected File Download RFD web attack vector that enables attackers to gain complete control over a victim's machine by virtually downloading a file from a...
CVE-2016-9472
Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected XSS. The Revive Adserver web installer scripts were vulnerable to a reflected XSS attack via the dbHost, dbUser, and possibly other parameters. It has to be noted that the window for such attack vectors to be possible is extremely narr...
CVE-2016-9470
Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected File Download. www/delivery/asyncspc.php was vulnerable to the fairly new Reflected File Download RFD web attack vector that enables attackers to gain complete control over a victim's machine by virtually downloading a file from a...
CVE-2016-9471
Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't properly sanitised when creating users on a Revive Adserver instance. Especially, control characters were not filtered, allowing apparently identical usernames to co-exist in the system, due to the fa...
CVE-2016-9472
Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected XSS. The Revive Adserver web installer scripts were vulnerable to a reflected XSS attack via the dbHost, dbUser, and possibly other parameters. It has to be noted that the window for such attack vectors to be possible is extremely narr...
CVE-2016-9130
Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted non-admin account. The website name wasn't properly escaped when displayed in the campaign-zone.php script...
CVE-2016-9454
Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted non-admin account. The banner image URL for external banners wasn't properly escaped when displayed in most of the banner related pages...
CVE-2016-9455
Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery CSRF. A number of scripts in Revive Adserver's user interface are vulnerable to CSRF attacks: www/admin/banner-acl.php, www/admin/banner-activate.php, www/admin/banner-advanced.php, www/admin/banner-modify.php,...
CVE-2016-9124
Revive Adserver before 3.2.3 suffers from Improper Restriction of Excessive Authentication Attempts. The login page of Revive Adserver is vulnerable to password-guessing attacks. An account lockdown feature was considered, but rejected to avoid introducing service disruptions to regular users...
Cross site request forgery (csrf)
Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery CSRF. The password recovery form in Revive Adserver is vulnerable to CSRF attacks. This vulnerability could be exploited to send a large number of password recovery emails to the registered users, especially in conjunction with ...
CVE-2016-9126
Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames are not properly escaped when displayed in the audit trail widget of the dashboard upon login, allowing persistent XSS attacks. An authenticated user with enough privileges to create other users could exploit the vulnerability to...
CVE-2016-9457
Revive Adserver before 3.2.3 suffers from Reflected XSS. www/admin/stats.php is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed, such as setPerPage, pageId, bannerid, periodstart, periodend, and possibly others...
Cross site scripting
Revive Adserver before 3.2.3 suffers from Reflected XSS. www/admin/stats.php is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed, such as setPerPage, pageId, bannerid, periodstart, periodend, and possibly others...
Cross site scripting
Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted non-admin account. The banner image URL for external banners wasn't properly escaped when displayed in most of the banner related pages...
Cross site scripting
Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames are not properly escaped when displayed in the audit trail widget of the dashboard upon login, allowing persistent XSS attacks. An authenticated user with enough privileges to create other users could exploit the vulnerability to...
Design/Logic Flaw
Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected File Download. www/delivery/asyncspc.php was vulnerable to the fairly new Reflected File Download RFD web attack vector that enables attackers to gain complete control over a victim's machine by virtually downloading a file from a...
Design/Logic Flaw
Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't properly sanitised when creating users on a Revive Adserver instance. Especially, control characters were not filtered, allowing apparently identical usernames to co-exist in the system, due to the fa...