7 matches found
CVE-2026-34916
A missing validation of user input when saving delivery limitations in Revive Adserver 6.0.6 and earlier could allow a low‑privileged user to use the logical parameter to inject malicious PHP code into the compiledlimitations field on the database and have it executed during banner delivery. Inpu...
CVE-2026-34916
A missing validation of user input when saving delivery limitations in Revive Adserver 6.0.6 and earlier could allow a low‑privileged user to use the logical parameter to inject malicious PHP code into the compiledlimitations field on the database and have it executed during banner delivery. Inpu...
CVE-2026-44959
A missing validation of user input exists when saving delivery limitations in Revive Adserver 6.0.6 and earlier. A low‑privileged user could add an unexpected component parameter and inject malicious PHP code into the compiledlimitations field, which would then be executed during banner delivery...
Revive Adserver: PHP code injection via unexpected delivery limitation parameter
A vulnerability was reported in Revive Adserver 6.0.6 and earlier versions where user input was not properly validated when saving delivery limitations. This allowed a low-privileged user to inject malicious PHP code into the compiledlimitations field, which could then be executed during banner...
Revive Adserver: [revive-adserver] Reflected XSS in Banner Delivery Options via cap parameter
Vulnerability description not provided...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in a phpAdsNew and b phpPgAds before 2.0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 certain parameters to the banner delivery module, which is not properly handled in the administrator interface, or 2 certain...
CVE-2006-1397
Multiple cross-site scripting XSS vulnerabilities in a phpAdsNew and b phpPgAds before 2.0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 certain parameters to the banner delivery module, which is not properly handled in the administrator interface, or 2 certain...