Adserver Security Vulnerabilities

CVE-2019-5433

A user having access to the UI of a Revive Adserver instance could be tricked into clicking on a specifically crafted admin account-switch.php URL that would eventually lead them to another (unsafe) domain, potentially used for stealing credentials or other phishing attacks. This vulnerability was ...

5.4 CVSS

5.3 AI Score

0.001 EPSS

2019-05-06 05:29 PM
24

CVE-2019-5434

An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploit serialize-related PHP vulnerabilities...

9.8 CVSS

9.6 AI Score

0.281 EPSS

2019-05-06 05:29 PM
69

CVE-2019-5440

Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery functionality. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() generates a ...

8.1 CVSS

8.3 AI Score

0.005 EPSS

2019-05-28 07:29 PM
100

CVE-2023-26756

The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. NOTE: The vendor's position is that this is effectively mitigated by rate limits and password-quality features.

7.5 CVSS

7.5 AI Score

0.001 EPSS

2023-04-14 12:15 PM
51

CVE-2023-38040

A reflected XSS vulnerability exists in Revive Adserver 5.4.1 and earlier versions.

6.1 CVSS

5.9 AI Score

0.001 EPSS

2023-09-17 05:15 AM
16