3 matches found
CVE-2015-7365
Cross-site scripting XSS vulnerability in the plugin upgrade form in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via the filename of an uploaded file containing errors...
CVE-2015-7365
Revive Adserver is affected by CVE-2015-7365: a reflected XSS in the plugin upgrade form where filenames of uploaded files containing errors are not properly escaped. The vulnerability affects Revive Adserver versions
Revive Adserver 3.2.1 Multiple Vulnerabilities
Revive Adserver versions 3.2.1 and below suffer from improper access controls, cross site request forgery, cross site scripting, local file inclusion, and various other vulnerabilities. ========================================================================...