721 matches found
Revive Adserver 3.2.2 Open Redirect
================================================================================ Revive Adserver 3.2.2 - Open Redirect ================================================================================ Vendor Homepage: https://www.revive-adserver.com/ Date: 25/01/2016 Software Link:...
medlabmag.com Open Redirect vulnerability
Vulnerable URL: http://medlabmag.com/revive-adserver-3.1.0/www/delivery/ck.php?oaparams=2bannerid=34zoneid=14cb=6e9d479325oadest=https://xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| Open Redirect Vulnerability status:|...
usastar.com Open Redirect vulnerability
Open Bug Bounty ID: OBB-126397 Description| Value ---|--- Affected Website:| usastar.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...
elsampetrino.com Open Redirect vulnerability
Vulnerable URL: http://www.elsampetrino.com/servidordeanuncios/revive-adserver-3.0.3/www/delivery/ck.php?oaparams=2bannerid=15zoneid=6cb=b02646594doadest=https://xssposed.org/ Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 12:50 GMT...
[REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ======================================================================== Revive Adserver Security Advisory REVIVE-SA-2015-001 ========================================================================...
Revive Adserver < 3.2.2 Multiple Vulnerabilities (REVIVE-SA-2015-001)
Revive Adserver is prone to multiple vulnerabilities. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Revive Adserver HTML_Quickform Library Security Bypass Vulnerability
Revive Adserver is an open source ad management system. Revive Adserver HTMLQuickform library has a security vulnerability that allows remote attackers can use empty tokens to bypass the CSRF protection mechanism...
Revive Adserver Cross-Site Request Forgery Vulnerability
Revive Adserver is an open source ad management system from the Revive Adserver team. A cross-site request forgery vulnerability exists in Revive Adserver versions prior to 3.2.2, which can be exploited by a remote attacker to perform specific plugin operations or cause a denial of service...
Revive Adserver Flash cross-domain attack vulnerability
Revive Adserver is an open source ad management system from the Revive Adserver team. A security vulnerability exists in the default Flash cross-domain policy of Revive Adserver versions prior to 3.2.2, which can be exploited by remote attackers to perform cross-domain attacks...
Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2015-06712)
Revive Adserver is an open source ad management system from the Revive Adserver team. A cross-site scripting vulnerability exists in the plugin upgrade form of Revive Adserver versions prior to 3.2.2, which can be exploited by a remote attacker to inject arbitrary Web script or HTML with the help...
Revive Adserver Information Disclosure Vulnerability
Revive Adserver is an open source ad management system from the Revive Adserver team. A security vulnerability exists in Revive Adserver versions prior to 3.2.2, which can be exploited by a local attacker to obtain sensitive information with the help of web page caching...
Revive Adserver Unauthorized Operation Vulnerability
Revive Adserver is an open source ad management system from the Revive Adserver team. A security vulnerability in Revive Adserver versions prior to 3.2.2 can be exploited by remote attackers to perform restricted operations with the help of unexpired sessions established by deleted or disconnecte...
CVE-2015-7373
Cross-site scripting XSS vulnerability in the "magic-macros" feature in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via a GET parameter, which is not properly handled in a banner...
CVE-2015-7372
Directory traversal vulnerability in delivery-dev/al.php in Revive Adserver before 3.2.2 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the layerstyle parameter...
CVE-2015-7371
Revive Adserver before 3.2.2 does not restrict access to run-mpe.php, which allows remote attackers to run the Maintenance Priority Engine and possibly cause a denial of service resource consumption via a direct request...
CVE-2015-7370
Multiple cross-site scripting XSS vulnerabilities in open-flash-chart.swf in Open Flash Chart 2, as used in the VideoAds plugin in Revive Adserver before 3.2.2 and CA Release Automation formerly LISA Release Automation 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and...
CVE-2015-7369
The default Flash cross-domain policy crossdomain.xml in Revive Adserver before 3.2.2 does not restrict access cross domain access, which allows remote attackers to conduct cross domain attacks via unspecified vectors...
CVE-2015-7368
Revive Adserver before 3.2.2 does not send the appropriate Cache-Control HTTP headers in responses for admin UI pages, which allows local users to obtain sensitive information via the web browser cache...
CVE-2015-7367
Revive Adserver before 3.2.2 allows remote attackers to perform unspecified actions by leveraging an unexpired session after the user has been 1 deleted or 2 unlinked...
CVE-2015-7366
Multiple cross-site request forgery CSRF vulnerabilities in Revive Adserver before 3.2.2 allow remote attackers to hijack the authentication of users for requests that 1 perform certain plugin actions and possibly cause a denial of service disabled core plugins via unknown vectors or 2 change the...