
Revive Adserver vulnerabilities

23 known vulnerabilities affecting revive/revive_adserver.

Total CVEs: 23
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: HIGH 3, MEDIUM 18, LOW 2

Vulnerabilities

Page 1 of 2
CVE-2025-48986 | P3 | HIGH | CVSS 8.8 | CWE-284 | Affected: ≥ 5, ≤ 5.5.2; ≥ 6, ≤ 6.0.1 | 2025-11-20
Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions allows a logged in attacker to change other users' email address and potentially take over their accounts using the forgot password functionality.
Source: NVD
CVE-2023-38040 | P3 | MEDIUM | CVSS 6.1 | CWE-79 | PoC available | Affected: ≥ 5.4.1, ≤ 5.4.1 | 2023-09-17
A reflected XSS vulnerability exists in Revive Adserver 5.4.1 and earlier versions.
Source: NVD
CVE-2025-52664 | P3 | HIGH | CVSS 8.8 | CWE-89 | Affected: ≥ 6.0.0, ≤ 6.0.0 | 2025-10-31
SQL injection in Revive Adserver 6.0.0 causes potential disruption or information access when specifically crafted payloads are sent by logged in users.
Source: NVD
CVE-2019-5440 | P3 | HIGH | CVSS 8.1 | CWE-338 | Fixed in 4.2.1 | 2019-05-28
Use of a cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery functionality. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() generates a password reset token that relies on the PHP uniqid function
Source: NVD
CVE-2025-52670 | P3 | MEDIUM | CVSS 6.5 | CWE-639 | Affected: ≥ 6, ≤ 6.0.1; ≥ 5, ≤ 5.5.2 | 2025-11-20
Missing authorization check in Revive Adserver 5.5.2 and 6.0.1 and earlier versions allows users on the system to delete banners owned by other accounts.
Source: NVD
CVE-2026-21641 | P3 | MEDIUM | CVSS 6.5 | CWE-285 | Affected: ≥ 6, ≤ 6.0.4 | 2026-01-20
HackerOne community member Jad Ghamloush (0xjad) has reported an authorization bypass vulnerability in the `tracker-delete.php` script of Revive Adserver. Users with permissions to delete trackers are mistakenly allowed to delete trackers owned by other accounts.
Source: NVD
CVE-2025-55128 | P3 | MEDIUM | CVSS 6.5 | CWE-400 | Affected: ≥ 6, ≤ 6.0.2 | 2025-11-20
HackerOne community member Dang Hung Vi (vidang04) has reported an uncontrolled resource consumption vulnerability in the userlog-index.php script. An attacker with access to the admin interface could request an arbitrarily large number of items per page, potentially leading to a denial of service.
Source: NVD
CVE-2025-55126 | P4 | MEDIUM | CVSS 6.5 | CWE-79 | Affected: ≥ 6, ≤ 6.0.2 | 2025-11-20
HackerOne community member Dang Hung Vi (vidang04) has reported a stored XSS vulnerability involving the navigation box at the top of advertiser-related pages, with campaign names being the vector for the stored XSS.
Source: NVD
CVE-2025-27208 | P4 | MEDIUM | CVSS 6.1 | CWE-79 | Affected: ≥ 5.5.2, ≤ 5.5.2 | 2025-10-31
A reflected Cross-Site Scripting (XSS) vulnerability has been identified in Revive Adserver version 5.5.2. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking on a specifically crafted URL and execute injected JavaScript code in the context of the victim's browser. The session cookie cannot be a
Source: NVD
CVE-2025-52667 | P4 | MEDIUM | CVSS 5.4 | CWE-79 | Affected: ≥ 6, ≤ 6.0.1; ≥ 5, ≤ 5.5.2 | 2025-11-20
Missing JSON Content-Type header in a script in Revive Adserver 6.0.1 and 5.5.2 and earlier versions makes a stored XSS attack possible for a logged in manager user.
Source: NVD
CVE-2025-52668 | P4 | MEDIUM | CVSS 5.4 | CWE-79 | Affected: ≥ 6, ≤ 6.0.1; ≥ 5, ≤ 5.5.2 | 2025-11-20
Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes potential information disclosure and session hijacking via a stored XSS attack.
Source: NVD
CVE-2025-55123 | P4 | MEDIUM | CVSS 5.4 | CWE-79 | Affected: ≥ 6, ≤ 6.0.1; ≥ 5, ≤ 5.5.2 | 2025-11-20
Improper neutralization of input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions allows manager accounts to craft XSS attacks against their own advertiser users.
Source: NVD
CVE-2025-55129 | P4 | MEDIUM | CVSS 5.4 | CWE-176 | Affected: ≥ 6, ≤ 6.0.3 | 2025-12-02
HackerOne community member Kassem S. (kassem_s94) has reported that username handling in Revive Adserver was still vulnerable to impersonation attacks after the fix for CVE-2025-52672, via several alternate techniques. Homoglyph-based impersonation has been independently reported by other HackerOne users, such as itz_hari_ and khoof.
Source: NVD
CVE-2025-55127 | P4 | MEDIUM | CVSS 5.4 | CWE-156 | Affected: ≥ 6, ≤ 6.0.2 | 2025-11-20
HackerOne community member Dao Hoang Anh (yoyomiski) has reported an improper neutralization of whitespace in the username when adding new users. A username with leading or trailing whitespace could be virtually indistinguishable from its legitimate counterpart when the username is displayed in the UI, potentially leading to confusion.
Source: NVD
CVE-2025-48987 | P4 | MEDIUM | CVSS 6.1 | CWE-79 | Affected: ≥ 6, ≤ 6.0.1; ≥ 5, ≤ 5.5.2 | 2025-11-20
Improper neutralization of input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes a potential reflected XSS attack.
Source: NVD
CVE-2026-21642 | P4 | MEDIUM | CVSS 6.1 | CWE-79 | Affected: ≥ 6, ≤ 6.0.4 | 2026-01-20
HackerOne community member Patrick Lang (7yr) has reported a reflected XSS vulnerability in the `banner-acl.php` and `channel-acl.php` scripts of Revive Adserver. An attacker can craft a specific URL that includes an HTML payload in a parameter. If a logged in administrator visits the URL, the HTML is sent to the browser and malicious scripts would b
Source: NVD
CVE-2026-21664 | P4 | MEDIUM | CVSS 6.1 | CWE-79 | Affected: ≥ 6, ≤ 6.0.4 | 2026-01-20
HackerOne community member Huynh Pham Thanh Luc (nigh7c0r3) has reported a reflected XSS vulnerability in the afr.php delivery script of Revive Adserver. An attacker can craft a specific URL that includes an HTML payload in a parameter. If a logged in administrator visits the URL, the HTML is sent to the browser and malicious scripts would be execute
Source: NVD
CVE-2025-55124 | P4 | MEDIUM | CVSS 6.1 | CWE-79 | Affected: ≥ 6, ≤ 6.0.1 | 2025-11-20
Improper neutralisation of input in Revive Adserver 6.0.0+ causes a reflected XSS attack in the banner-zone.php script.
Source: NVD
CVE-2026-21663 | P4 | MEDIUM | CVSS 6.1 | CWE-79 | Affected: ≥ 6, ≤ 6.0.4 | 2026-01-20
HackerOne community member Patrick Lang (7yr) has reported a reflected XSS vulnerability in the banner-acl.php script of Revive Adserver. An attacker can craft a specific URL that includes an HTML payload in a parameter. If a logged in administrator visits the URL, the HTML is sent to the browser and malicious scripts would be executed.
Source: NVD
CVE-2025-52669 | P4 | MEDIUM | CVSS 4.3 | CWE-200 | Affected: ≥ 6, ≤ 6.0.1; ≥ 5, ≤ 5.5.2 | 2025-11-20
Insecure design policies in the user management system of Revive Adserver 5.5.2 and 6.0.1 and earlier versions give non-admin users access to the contact name and email address of other users on the system.
Source: NVD