8 matches found
CVE-2026-21641
HackerOne community member Jad Ghamloush 0xjad has reported an authorization bypass vulnerability in the tracker-delete.php script of Revive Adserver. Users with permissions to delete trackers are mistakenly allowed to delete trackers owned by other accounts...
CVE-2026-21641
HackerOne community member Jad Ghamloush 0xjad has reported an authorization bypass vulnerability in the tracker-delete.php script of Revive Adserver. Users with permissions to delete trackers are mistakenly allowed to delete trackers owned by other accounts...
CVE-2026-21641
Revive Adserver CVE-2026-21641 is an authorization bypass in the tracker-delete.php script. Reported by HackerOne, the issue allows users with delete-tracker permissions to delete trackers owned by other accounts. Verified across multiple sources (NVD, RH, CIRCL, CVE List, EUVD, AttackeRKB, etc.)...
CVE-2026-21641
HackerOne community member Jad Ghamloush 0xjad has reported an authorization bypass vulnerability in the tracker-delete.php script of Revive Adserver. Users with permissions to delete trackers are mistakenly allowed to delete trackers owned by other accounts...
CVE-2026-21641
HackerOne community member Jad Ghamloush 0xjad has reported an authorization bypass vulnerability in the tracker-delete.php script of Revive Adserver. Users with permissions to delete trackers are mistakenly allowed to delete trackers owned by other accounts...
CVE-2026-21641
HackerOne community member Jad Ghamloush 0xjad has reported an authorization bypass vulnerability in the tracker-delete.php script of Revive Adserver. Users with permissions to delete trackers are mistakenly allowed to delete trackers owned by other accounts...
PT-2026-3658
HackerOne community member Jad Ghamloush 0xjad has reported an authorization bypass vulnerability in the tracker-delete.php script of Revive Adserver. Users with permissions to delete trackers are mistakenly allowed to delete trackers owned by other accounts...
EUVD-2024-22546
Malicious code in bioql PyPI...