Lucene search
+L

721 matches found

packetstorm
packetstorm
added 2016/01/25 12:0 a.m.25 views

Revive Adserver 3.2.2 Open Redirect

================================================================================ Revive Adserver 3.2.2 - Open Redirect ================================================================================ Vendor Homepage: https://www.revive-adserver.com/ Date: 25/01/2016 Software Link:...

7.4AI score
Exploits0
openbugbounty
openbugbounty
added 2016/01/19 6:52 p.m.14 views

medlabmag.com Open Redirect vulnerability

Vulnerable URL: http://medlabmag.com/revive-adserver-3.1.0/www/delivery/ck.php?oaparams=2bannerid=34zoneid=14cb=6e9d479325oadest=https://xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| Open Redirect Vulnerability status:|...

6.9AI score
Exploits0
openbugbounty
openbugbounty
added 2016/01/19 6:32 p.m.12 views

usastar.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-126397 Description| Value ---|--- Affected Website:| usastar.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

6.7AI score
Exploits0
openbugbounty
openbugbounty
added 2016/01/19 6:26 p.m.10 views

elsampetrino.com Open Redirect vulnerability

Vulnerable URL: http://www.elsampetrino.com/servidordeanuncios/revive-adserver-3.0.3/www/delivery/ck.php?oaparams=2bannerid=15zoneid=6cb=b02646594doadest=https://xssposed.org/ Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 12:50 GMT...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2015/10/26 12:0 a.m.109 views

[REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ======================================================================== Revive Adserver Security Advisory REVIVE-SA-2015-001 ========================================================================...

7.5CVSS6.2AI score0.0325EPSS
Exploits1
openvas
openvas
added 2015/10/20 12:0 a.m.58 views

Revive Adserver < 3.2.2 Multiple Vulnerabilities (REVIVE-SA-2015-001)

Revive Adserver is prone to multiple vulnerabilities. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.4AI score0.0325EPSS
Exploits1References4
cnvd
cnvd
added 2015/10/18 12:0 a.m.5 views

Revive Adserver HTML_Quickform Library Security Bypass Vulnerability

Revive Adserver is an open source ad management system. Revive Adserver HTMLQuickform library has a security vulnerability that allows remote attackers can use empty tokens to bypass the CSRF protection mechanism...

6.8CVSS7AI score0.01143EPSS
Exploits1References1
cnvd
cnvd
added 2015/10/16 12:0 a.m.7 views

Revive Adserver Cross-Site Request Forgery Vulnerability

Revive Adserver is an open source ad management system from the Revive Adserver team. A cross-site request forgery vulnerability exists in Revive Adserver versions prior to 3.2.2, which can be exploited by a remote attacker to perform specific plugin operations or cause a denial of service...

6.8CVSS6.9AI score0.01114EPSS
Exploits1References1
cnvd
cnvd
added 2015/10/16 12:0 a.m.6 views

Revive Adserver Flash cross-domain attack vulnerability

Revive Adserver is an open source ad management system from the Revive Adserver team. A security vulnerability exists in the default Flash cross-domain policy of Revive Adserver versions prior to 3.2.2, which can be exploited by remote attackers to perform cross-domain attacks...

7.5CVSS6.9AI score0.0325EPSS
Exploits1References1
cnvd
cnvd
added 2015/10/16 12:0 a.m.6 views

Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2015-06712)

Revive Adserver is an open source ad management system from the Revive Adserver team. A cross-site scripting vulnerability exists in the plugin upgrade form of Revive Adserver versions prior to 3.2.2, which can be exploited by a remote attacker to inject arbitrary Web script or HTML with the help...

4.3CVSS6AI score0.01953EPSS
Exploits1References1
cnvd
cnvd
added 2015/10/16 12:0 a.m.4 views

Revive Adserver Information Disclosure Vulnerability

Revive Adserver is an open source ad management system from the Revive Adserver team. A security vulnerability exists in Revive Adserver versions prior to 3.2.2, which can be exploited by a local attacker to obtain sensitive information with the help of web page caching...

2.1CVSS6.2AI score0.00539EPSS
Exploits1References1
cnvd
cnvd
added 2015/10/16 12:0 a.m.5 views

Revive Adserver Unauthorized Operation Vulnerability

Revive Adserver is an open source ad management system from the Revive Adserver team. A security vulnerability in Revive Adserver versions prior to 3.2.2 can be exploited by remote attackers to perform restricted operations with the help of unexpired sessions established by deleted or disconnecte...

7.5CVSS6.9AI score0.02544EPSS
Exploits1References1
nvd
nvd
added 2015/10/14 7:59 p.m.22 views

CVE-2015-7373

Cross-site scripting XSS vulnerability in the "magic-macros" feature in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via a GET parameter, which is not properly handled in a banner...

4.3CVSS5.5AI score0.01953EPSS
Exploits1References4
nvd
nvd
added 2015/10/14 7:59 p.m.23 views

CVE-2015-7372

Directory traversal vulnerability in delivery-dev/al.php in Revive Adserver before 3.2.2 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the layerstyle parameter...

7.5CVSS7AI score0.03073EPSS
Exploits1References5
nvd
nvd
added 2015/10/14 7:59 p.m.21 views

CVE-2015-7371

Revive Adserver before 3.2.2 does not restrict access to run-mpe.php, which allows remote attackers to run the Maintenance Priority Engine and possibly cause a denial of service resource consumption via a direct request...

5CVSS6.6AI score0.02586EPSS
Exploits1References4
nvd
nvd
added 2015/10/14 7:59 p.m.19 views

CVE-2015-7370

Multiple cross-site scripting XSS vulnerabilities in open-flash-chart.swf in Open Flash Chart 2, as used in the VideoAds plugin in Revive Adserver before 3.2.2 and CA Release Automation formerly LISA Release Automation 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and...

4.3CVSS5.8AI score0.02239EPSS
Exploits1References7
nvd
nvd
added 2015/10/14 7:59 p.m.17 views

CVE-2015-7369

The default Flash cross-domain policy crossdomain.xml in Revive Adserver before 3.2.2 does not restrict access cross domain access, which allows remote attackers to conduct cross domain attacks via unspecified vectors...

7.5CVSS6.5AI score0.0325EPSS
Exploits1References4
nvd
nvd
added 2015/10/14 7:59 p.m.16 views

CVE-2015-7368

Revive Adserver before 3.2.2 does not send the appropriate Cache-Control HTTP headers in responses for admin UI pages, which allows local users to obtain sensitive information via the web browser cache...

2.1CVSS5.7AI score0.00539EPSS
Exploits1References5
nvd
nvd
added 2015/10/14 7:59 p.m.19 views

CVE-2015-7367

Revive Adserver before 3.2.2 allows remote attackers to perform unspecified actions by leveraging an unexpired session after the user has been 1 deleted or 2 unlinked...

7.5CVSS6.7AI score0.02544EPSS
Exploits1References4
nvd
nvd
added 2015/10/14 7:59 p.m.20 views

CVE-2015-7366

Multiple cross-site request forgery CSRF vulnerabilities in Revive Adserver before 3.2.2 allow remote attackers to hijack the authentication of users for requests that 1 perform certain plugin actions and possibly cause a denial of service disabled core plugins via unknown vectors or 2 change the...

6.8CVSS8.1AI score0.01114EPSS
Exploits1References4
Rows per page
Query Builder