Revive Adserver All Versions Before 3.2.3
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:revive_adserver_all_versions_before_3.2.3:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Revive Adserver All Versions Before 3.2.3 (47ad46a7-b4ee-5640-9023-3f78887d1033) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2016-9457 |
vulnerable | 2026-06-08 05:08:23.939785 |
Details available
Revive Adserver before 3.2.3 suffers from Reflected XSS. `www/admin/stats.php` is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed, such as setPerPage, pageId, bannerid, period_start, period_end, and possibly others.
Published: 2017-03-28T02:46:00.000Z
Updated: 2024-08-06T02:50:38.590Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-9456 |
vulnerable | 2026-06-08 05:08:23.939453 |
Details available
Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The Revive Adserver team conducted a security audit of the admin interface scripts in order to identify and fix other potential CSRF vulnerabilities. Over 20+ such issues were fixed.
Published: 2017-03-28T02:46:00.000Z
Updated: 2024-08-06T02:50:38.423Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-9455 |
vulnerable | 2026-06-08 05:08:23.939118 |
Details available
Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). A number of scripts in Revive Adserver's user interface are vulnerable to CSRF attacks: `www/admin/banner-acl.php`, `www/admin/banner-activate.php`, `www/admin/banner-advanced.php`, `www/admin/banner-modify.php`, `www/admin/banner-swf.php`, `www/admin/banner-zone.php`, `www/admin/tracker-modify.php`.
Published: 2017-03-28T02:46:00.000Z
Updated: 2024-08-06T02:50:38.479Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-9454 |
vulnerable | 2026-06-08 05:08:23.938737 |
Details available
Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The banner image URL for external banners wasn't properly escaped when displayed in most of the banner related pages.
Published: 2017-03-28T02:46:00.000Z
Updated: 2024-08-06T02:50:38.507Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-9130 |
vulnerable | 2026-06-08 05:08:22.626439 |
Details available
Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The website name wasn't properly escaped when displayed in the campaign-zone.php script.
Published: 2017-03-28T02:46:00.000Z
Updated: 2024-08-06T02:42:10.521Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-9129 |
vulnerable | 2026-06-08 05:08:22.626128 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-9128 |
vulnerable | 2026-06-08 05:08:22.625796 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-9127 |
vulnerable | 2026-06-08 05:08:22.625456 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-9126 |
vulnerable | 2026-06-08 05:08:22.625120 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-9125 |
vulnerable | 2026-06-08 05:08:22.624761 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-9124 |
vulnerable | 2026-06-08 05:08:22.618420 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.