19 matches found
CVE-2019-5440
CVE-2019-5440 affects Revive Adserver versions prior to 4.2.1. The password recovery token is generated via generateRecoveryId() using PHP uniqid, which relies on the current time and provides weak entropy, potentially enabling authentication bypass through the password recovery feature. Affected...
CVE-2020-8142
CVE-2020-8142 affects Revive Adserver
CVE-2021-22873
Revive Adserver before 5.1.0 is vulnerable to open redirects via the dest, oadest, and ct0 parameters of lg.php and ck.php delivery scripts. The underlying issue is an open redirect that can send users to arbitrary sites and potentially facilitate phishing or other abuses. Affected versions are p...
CVE-2020-8143
Revive Adserver prior to 5.0.5 is affected by an Open Redirect. An attacker can entice a logged-in user to click a crafted link and be redirected, via the returnurl parameter in admin-modify endpoints (e.g., /www/admin/campaign-modify.php). The CSRF check could be bypassed if no meaningful parame...
CVE-2021-22875
Revive Adserver is affected by CVE-2021-22875: a reflected XSS in stats.php via the setPerPage parameter, impacting Revive Adserver versions up to 5.1.0 (fixed in 5.1.1). The root cause is insufficient input validation/neutralization of user-supplied data in the request parameters, allowing injec...
CVE-2021-22888
CVE-2021-22888 affects Revive Adserver prior to 5.2.0, with a reflected XSS in the status parameter of campaign-zone-zones.php. An attacker who can lure a user with UI access to click a crafted URL can execute injected JavaScript in the user’s browser. Public sources in the connected set confirm ...
CVE-2021-22871
Revive Adserver
CVE-2021-22872
Revive Adserver
CVE-2021-22874
Revive Adserver prior to 5.1.1 is affected by a reflected XSS in userlog-index.php via the period_preset parameter. Public details include a proof-of-concept from HackerOne showing injection on /admin/userlog-index.php with period_preset, enabling script injection and potential cookie theft or re...
CVE-2021-22948
The CVE-2021-22948 affects revive-adserver, specifically versions prior to 5.3.0. The issue stems from generating session IDs with PHP’s insecure uniqid() function, which under certain conditions could allow an attacker to brute-force session IDs and take over a user account. The Red Hat and NVD ...
CVE-2019-5433
CVE-2019-5433 describes an open redirect in Revive Adserver’s admin/account-switch.php. A user with UI access could be tricked by a crafted return_url parameter into visiting an external, potentially phishing, domain, enabling credential theft or similar abuse. The issue arises from unrestricted ...
CVE-2021-22889
Summary: Revive Adserver prior to v5.2.0 is affected by a reflected XSS in the statsBreakdown parameter (stats.php) caused by unescaped single quotes. An attacker with UI access could lure a user into a crafted URL and, by triggering a key combination, execute injected JavaScript in the context o...
CVE-2026-50741
CVE-2026-50741 concerns Revive Adserver and describes bypassing the fix for CVE-2026-34916. The connected documents indicate that the bypass can be achieved by: (1) sending a disallowed but otherwise valid plugin identifier as the plugin type, and (2) calling the XML-RPC API method ox.setChannelT...
CVE-2026-50739
Revive Adserver 6.0.7 and earlier expose a bypass of ownership validation in the reverse operation that links campaigns and trackers via tracker-campaigns.php. A low-privilege user could link their trackers to campaigns owned by other managers on the same instance, causing inconsistent ownership ...
CVE-2026-50740
Affected software/issue: Revive Adserver
CVE-2026-50745
CVE-2026-50745 concerns Revive Adserver’s stats-video.php where user input is reflected due to missing sanitisation and unencoded URL parameters, arising from improper handling of the Smarty url helper. The HackerOne report confirms a reflected XSS vector in this script. No exploitation status or...
CVE-2025-27208
Revive Adserver 5.5.2 is affected by a reflected Cross-Site Scripting (XSS) in admin-search.php via the compact parameter. An attacker able to lure a user with UI access into clicking a crafted URL can inject JavaScript to run in the victim’s browser; cookies aren’t exposed, but other actions may...
CVE-2026-50742
CVE-2026-50742 describes a stored XSS in Revive Adserver 6.0.7, occurring in the maintenance tools, specifically in the files maintenance-acl-check.php and maintenance-banners-check.php . The root cause is that entity names are displayed without proper escaping when inconsistencies are detected, ...
CVE-2026-50744
Revive Adserver 6.0.7 is affected by a bypass of the admin‑only restriction in the XML‑RPC API. The ox.login method returned a session ID cookie in HTTP headers and, although it reported an error, the session was not invalidated, allowing a leaked session ID to be reused for subsequent API calls ...