📦 Revive Adserver

A reflected cross-site scripting (XSS) vulnerability in Revive Adserver's afr.php script allows attackers to craft malicious URLs containing HTML payloads. When a logged-in administrator visits such a...

This authorization bypass vulnerability in Revive Adserver allows users with tracker deletion permissions to delete trackers belonging to other accounts. It affects Revive Adserver installations where...

A reflected cross-site scripting (XSS) vulnerability in Revive Adserver allows attackers to craft malicious URLs that execute arbitrary JavaScript in administrators' browsers when visited. This affect...

A reflected cross-site scripting (XSS) vulnerability in Revive Adserver's banner-acl.php script allows attackers to craft malicious URLs containing HTML payloads. When a logged-in administrator visits...

This vulnerability allows attackers to impersonate legitimate users in Revive Adserver through homoglyph and alternative character techniques, bypassing previous security fixes. It affects systems run...

This vulnerability allows attackers to create usernames with leading or trailing whitespace that appear identical to legitimate usernames in the UI, potentially enabling impersonation attacks. It affe...

An uncontrolled resource consumption vulnerability in userlog-index.php allows authenticated admin users to request arbitrarily large page sizes, potentially causing denial of service through excessiv...

This stored XSS vulnerability allows attackers to inject malicious scripts into advertiser campaign names, which then execute when users view affected pages. The vulnerability affects users accessing ...

A format string injection vulnerability in Revive Adserver allows attackers to cause a fatal PHP error that disables the admin console. This affects administrators of Revive Adserver installations who...