653 matches found

securityvulns
added 2014/12/22 12:00 a.m. | 88 views

Cross-Site Scripting (XSS) in Revive Adserver

Advisory ID: HTB23242 Product: Revive Adserver Vendor: http://www.revive-adserver.com/ Vulnerable Versions: 3.0.5 and probably prior Tested Version: 3.0.5 Advisory Publication: November 12, 2014 without technical details Vendor Notification: November 12, 2014 Vendor Patch: December 17, 2014 Publi...

CVSS 4.3 | AI score 0.1 | EPSS 0.02309
Exploits: 3
NVD
added 2014/12/19 3:59 p.m. | 14 views

CVE-2014-9407

Multiple cross-site request forgery (CSRF) vulnerabilities in Revive Adserver before 3.0.5 allow remote attackers to hijack the authentication of administrators for requests that (1) delete data via a request to agency-delete.php, (2) tracker-delete.php, or (3) userlog-delete.php in admin/ or (4) unlink...

CVSS 6.8 | AI score 7.2 | EPSS 0.00576
Exploits: 0 | References: 1
NVD
added 2014/12/19 3:59 p.m. | 36 views

CVE-2014-8875

The XML_RPC_cd function in lib/pear/XML/RPC.php in Revive Adserver before 3.0.6 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted XML-RPC request, aka an XML Entity Expansion (XEE) attack...

CVSS 5 | AI score 6.4 | EPSS 0.02564
Exploits: 1 | References: 4
NVD
added 2014/12/19 3:59 p.m. | 46 views

CVE-2014-8793

Cross-site scripting (XSS) vulnerability in lib/max/Admin/UI/Field/PublisherIdField.php in Revive Adserver before 3.0.6 allows remote attackers to inject arbitrary web script or HTML via the refresh_page parameter to www/admin/report-generate.php...

CVSS 4.3 | AI score 5.6 | EPSS 0.02309
Exploits: 3 | References: 8
Prion
added 2014/12/19 3:59 p.m. | 21 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in lib/max/Admin/UI/Field/PublisherIdField.php in Revive Adserver before 3.0.6 allows remote attackers to inject arbitrary web script or HTML via the refresh_page parameter to www/admin/report-generate.php...

CVSS 4.3 | AI score 6 | EPSS 0.02309
Exploits: 3 | References: 8 | Affected Software: 1
Prion
added 2014/12/19 3:59 p.m. | 16 views

Design/Logic Flaw

The XML_RPC_cd function in lib/pear/XML/RPC.php in Revive Adserver before 3.0.6 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted XML-RPC request, aka an XML Entity Expansion (XEE) attack...

CVSS 5 | AI score 7 | EPSS 0.02564
Exploits: 1 | References: 4 | Affected Software: 1
Prion
added 2014/12/19 3:59 p.m. | 12 views

Cross site request forgery (csrf)

Multiple cross-site request forgery (CSRF) vulnerabilities in Revive Adserver before 3.0.5 allow remote attackers to hijack the authentication of administrators for requests that (1) delete data via a request to agency-delete.php, (2) tracker-delete.php, or (3) userlog-delete.php in admin/ or (4) unlink...

CVSS 6.8 | AI score 7.7 | EPSS 0.00576
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2014/12/19 3:00 p.m. | 53 views

CVE-2014-8793

Cross-site scripting (XSS) vulnerability in lib/max/Admin/UI/Field/PublisherIdField.php in Revive Adserver before 3.0.6 allows remote attackers to inject arbitrary web script or HTML via the refresh_page parameter to www/admin/report-generate.php...

AI score 5.6 | EPSS 0.02309
Exploits: 3 | References: 8
Cvelist
added 2014/12/19 3:00 p.m. | 37 views

CVE-2014-8875

The XML_RPC_cd function in lib/pear/XML/RPC.php in Revive Adserver before 3.0.6 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted XML-RPC request, aka an XML Entity Expansion (XEE) attack...

AI score 6.4 | EPSS 0.02564
Exploits: 1 | References: 4
Cvelist
added 2014/12/19 3:00 p.m. | 20 views

CVE-2014-9407

Multiple cross-site request forgery (CSRF) vulnerabilities in Revive Adserver before 3.0.5 allow remote attackers to hijack the authentication of administrators for requests that (1) delete data via a request to agency-delete.php, (2) tracker-delete.php, or (3) userlog-delete.php in admin/ or (4) unlink...

AI score 7.2 | EPSS 0.00576
Exploits: 0 | References: 1
CVE
added 2014/12/19 3:00 p.m. | 49 views

CVE-2014-8875

Revive Adserver is affected by CVE-2014-8875 due to an XML Entity Expansion (XEE) vulnerability in the XML_RPC_cd function of lib/pear/XML/RPC.php. The advisory details that the Revive Adserver XML-RPC endpoints (delivery/XMLRPC and API endpoints) may be exploited by crafted XML payloads to exhau...

CVSS 5 | AI score 6.5 | EPSS 0.02564
Exploits: 1 | References: 4 | Affected Software: 1
CVE
added 2014/12/19 3:00 p.m. | 72 views

CVE-2014-8793

CVE‑2014‑8793 is a documented Cross‑Site Scripting (XSS) vulnerability in Revive Adserver, affecting the file path lib/max/Admin/UI/Field/PublisherIdField.php and exploitable via the refresh_page parameter to www/admin/report-generate.php. The issue arises from inadequate sanitization of input, ...

CVSS 4.3 | AI score 5.6 | EPSS 0.02309
Exploits: 3 | References: 8 | Affected Software: 1
CVE
added 2014/12/19 3:00 p.m. | 44 views

CVE-2014-9407

Summary: CVE-2014-9407 affects Revive Adserver prior to 3.0.5, where multiple cross-site request forgery (CSRF) vulnerabilities allow remote attackers to hijack administrators’ authenticated sessions and trigger privileged actions. Affected endpoints include admin/ scripts such as agency-delete.p...

CVSS 6.8 | AI score 7.4 | EPSS 0.00576
Exploits: 0 | References: 1 | Affected Software: 1
Packet Storm
added 2014/12/17 12:00 a.m. | 68 views

Revive Adserver 3.0.5 Cross Site Scripting / Denial Of Service

Revive Adserver Security Advisory REVIVE-SA-2014-002 http://www.revive-adserver.com/security/revive-sa-2014-002...

CVSS 5 | AI score 0.1 | EPSS 0.02564
Exploits: 3
Packet Storm
added 2014/12/17 12:00 a.m. | 83 views

Revive Adserver 3.0.5 Cross Site Scripting

Advisory ID: HTB23242 Product: Revive Adserver Vendor: http://www.revive-adserver.com/ Vulnerable Versions: 3.0.5 and probably prior Tested Version: 3.0.5 Advisory Publication: November 12, 2014 without technical details Vendor Notification: November 12, 2014 Vendor Patch: December 17, 2014 Publi...

CVSS 4.3 | AI score 6.5 | EPSS 0.02309
Exploits: 3
Tenable Nessus
added 2014/12/17 12:00 a.m. | 21 views

Revive Adserver < 3.1.0 Multiple Vulnerabilities

Binary data 8607.prm...

CVSS 5 | AI score 6.9 | EPSS 0.02564
Exploits: 3 | References: 4
htbridge
added 2014/11/12 12:00 a.m. | 50 views

Cross-Site Scripting (XSS) in Revive Adserver

High-Tech Bridge Security Research Lab discovered an XSS vulnerability in Revive Adserver (formerly known as OpenX Source), which can be exploited to perform Cross-Site Scripting attacks against authenticated users and administrators of the vulnerable application leading to total compromise of the...

CVSS 2.6 | AI score 5.3 | EPSS 0.02309
Exploits: 3 | Affected Software: 1
seebug.org
added 2014/07/01 12:00 a.m. | 8 views

vbbuletin 4.0.4 - Multiple Vulnerabilities

No description provided by source. Vulnerability vBulletin - http://www.vbulletin.org. Local or adserver Javascript, forumdisplay.php Code Execution. Version license 4.0.4. info set cookies, error issu...

AI score 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:00 a.m. | 23 views

Zeeways Adserver Multiple Vulnerabilities

No description provided by source. Exploit Title: Zeeways Adserver Multiple Vulnerabilities Date: 06.11.2010 Author: Valentin Category: webapps/0day Version: Tested on: CVE : Code : 0x1 General Information...

AI score 7.1
Exploits: 0
Tenable Nessus
added 2014/06/26 12:00 a.m. | 19 views

Revive Adserver Detection

Binary data reviveadserverdetect.nbin...

AI score 7.3
Exploits: 0 | References: 1