
Revive-Adserver / Revive Adserver vulnerabilities

66 known vulnerabilities affecting revive-adserver/revive_adserver.

Total CVEs: 66
CISA KEV: 0
Public exploits: 4
Exploited in wild: 3
Severity breakdown: CRITICAL 4, HIGH 12, MEDIUM 47, LOW 3

Vulnerabilities

Page 1 of 4
CVE-2021-22873 | P2 | MEDIUM | CVSS 6.1 | Exploited, PoC | fixed in 5.1.0 | 2021-01-26
[MEDIUM] CWE-601: Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been available by design to allow third party ad servers to track such metrics when delivering ads. However, third party click tracking via redirects is not a viab
Source: nvd
CVE-2020-8115 | P2 | MEDIUM | CVSS 6.1 | Exploited, PoC | ≤ 5.0.3 | 2020-02-04
[MEDIUM] CWE-79: A reflected XSS vulnerability has been discovered in the publicly accessible afr.php delivery script of Revive Adserver <= 5.0.3 by Jacopo Tediosi. There are currently no known exploits: the session identifier cannot be accessed as it is stored in an http-only cookie as of v3.2.2. On older versions, however, under specific circumstances, it could be po
Source: nvd
CVE-2013-7149 | P2 | HIGH | CVSS 7.5 | Exploited | ≤ 3.0.1, v3.0.0 | 2013-12-28
[HIGH] CWE-89: SQL injection vulnerability in www/delivery/axmlrpc.php (aka the XML-RPC delivery invocation script) in Revive Adserver before 3.0.2, and OpenX Source 2.8.11 and earlier, allows remote attackers to execute arbitrary SQL commands via the what parameter to an XML-RPC method.
Source: nvd
CVE-2026-50741 | P3 | HIGH | CVSS 8.8 | fixed in 6.0.8 | 2026-06-26
[HIGH]: Bypass to the fix for CVE-2026-34916. Variants of such vectors have also been reported by phucrio and offsetmd. The fix can be bypassed either by sending a disallowed but otherwise valid plugin identifier as `type`, or by using the `ox.setChannelTargeting` XML-RPC API method.
Source: nvd
CVE-2025-48986 | P3 | HIGH | CVSS 8.8 | ≤ 5.5.2; ≥ 6.0.0, ≤ 6.0.1 | 2025-11-20
[HIGH] CWE-284: Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions allows a logged-in attacker to change other users' email addresses and potentially take over their accounts using the forgot password functionality.
Source: nvd
CVE-2023-38040 | P3 | MEDIUM | CVSS 6.1 | PoC | ≤ 5.4.1 | 2023-09-17
[MEDIUM] CWE-79: A reflected XSS vulnerability exists in Revive Adserver 5.4.1 and earlier versions.
Source: nvd
CVE-2025-52664 | P3 | HIGH | CVSS 8.8 | v6.0.0 | 2025-10-31
[HIGH] CWE-89: SQL injection in Revive Adserver 6.0.0 causes potential disruption or information access when specifically crafted payloads are sent by logged-in users.
Source: nvd
CVE-2017-5830 | P3 | CRITICAL | CVSS 9.8 | ≤ 4.0.0 | 2017-03-03
[CRITICAL] CWE-502: Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts.
Source: nvd
CVE-2013-5954 | P3 | MEDIUM | CVSS 6.8 | PoC | ≤ 3.0.4 | 2014-04-25
[MEDIUM] CWE-352: Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.11 and earlier allow remote attackers to hijack the authentication of administrators for requests that delete (1) users via admin/agency-user-unlink.php, (2) advertisers via admin/advertiser-delete.php, (3) banners via admin/banner-delete.php, (4) campaigns via admin/campaign-delet
Source: nvd
CVE-2020-8143 | P3 | MEDIUM | CVSS 6.1 | fixed in 5.0.5 | 2020-04-03
[MEDIUM] CWE-601: An Open Redirect vulnerability was discovered in Revive Adserver version < 5.0.5 and reported by HackerOne user hoangn144. A remote attacker could trick logged-in users to open a specifically crafted link and have them redirected to any destination. The CSRF protection of the “/www/admin/*-modify.php” could be skipped if no meaningful parameter was sen
Source: nvd
CVE-2016-9125 | P3 | CRITICAL | CVSS 9.8 | ≤ 3.2.2 | 2017-03-28
[CRITICAL] CWE-384: Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session identifiers to be forced and, at the same time, by not invalidating the existing session upon a successful authentication. Under some circumstances, that could have been an opportunity for an attacker to steal an authenticated session.
Source: nvd
CVE-2016-9124 | P3 | CRITICAL | CVSS 9.8 | ≤ 3.2.2 | 2017-03-28
[CRITICAL] CWE-307: Revive Adserver before 3.2.3 suffers from Improper Restriction of Excessive Authentication Attempts. The login page of Revive Adserver is vulnerable to password-guessing attacks. An account lockdown feature was considered, but rejected to avoid introducing service disruptions to regular users during such attacks. A random delay has instead been intr
Source: nvd
CVE-2019-5440 | P3 | HIGH | CVSS 8.1 | fixed in 4.2.1 | 2019-05-28
[HIGH] CWE-338: Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery functionality. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() generates a password reset token that relies on the PHP uniqid function
Source: nvd
CVE-2021-22889 | P3 | MEDIUM | CVSS 6.1 | fixed in 5.2.0 | 2021-03-25
[MEDIUM] CWE-79: Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the `statsBreakdown` parameter of stats.php (and possibly other scripts) due to single quotes not being escaped. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking on a specifically crafted URL and pressing a certa
Source: nvd
CVE-2015-7372 | P3 | HIGH | CVSS 7.5 | ≤ 3.2.1 | 2015-10-14
[HIGH] CWE-22: Directory traversal vulnerability in delivery-dev/al.php in Revive Adserver before 3.2.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the layerstyle parameter.
Source: nvd
CVE-2016-9470 | P3 | CRITICAL | CVSS 9.0 | ≤ 3.2.4, v4.0.0 | 2017-03-28
[CRITICAL] CWE-79: Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected File Download. `www/delivery/asyncspc.php` was vulnerable to the fairly new Reflected File Download (RFD) web attack vector that enables attackers to gain complete control over a victim's machine by virtually downloading a file from a trusted domain.
Source: nvd
CVE-2021-22888 | P3 | MEDIUM | CVSS 6.1 | fixed in 5.2.0 | 2021-03-25
[MEDIUM] CWE-79: Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the `status` parameter of campaign-zone-zones.php. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking on a specifically crafted URL and execute injected JavaScript code.
Source: nvd
CVE-2015-7367 | P3 | HIGH | CVSS 7.5 | ≤ 3.2.1 | 2015-10-14
[HIGH] CWE-284: Revive Adserver before 3.2.2 allows remote attackers to perform unspecified actions by leveraging an unexpired session after the user has been (1) deleted or (2) unlinked.
Source: nvd
CVE-2015-7369 | P3 | HIGH | CVSS 7.5 | ≤ 3.2.1 | 2015-10-14
[HIGH] CWE-284: The default Flash cross-domain policy (crossdomain.xml) in Revive Adserver before 3.2.2 does not restrict cross domain access, which allows remote attackers to conduct cross domain attacks via unspecified vectors.
Source: nvd
CVE-2021-22875 | P3 | MEDIUM | CVSS 6.1 | fixed in 5.1.1 | 2021-01-28
[MEDIUM] CWE-79: Revive Adserver before 5.1.1 is vulnerable to a reflected XSS vulnerability in stats.php via the `setPerPage` parameter.
Source: nvd