Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:revive_adserver_all_versions_before_3.2.3:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductRevive Adserver All Versions Before 3.2.3 (47ad46a7-b4ee-5640-9023-3f78887d1033)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2016-9457 vulnerable 2026-06-08 05:08:23.939785 Details available
Revive Adserver before 3.2.3 suffers from Reflected XSS. `www/admin/stats.php` is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed, such as setPerPage, pageId, bannerid, period_start, period_end, and possibly others.
Published: 2017-03-28T02:46:00.000Z
Updated: 2024-08-06T02:50:38.590Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-9456 vulnerable 2026-06-08 05:08:23.939453 Details available
Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The Revive Adserver team conducted a security audit of the admin interface scripts in order to identify and fix other potential CSRF vulnerabilities. Over 20+ such issues were fixed.
Published: 2017-03-28T02:46:00.000Z
Updated: 2024-08-06T02:50:38.423Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-9455 vulnerable 2026-06-08 05:08:23.939118 Details available
Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). A number of scripts in Revive Adserver's user interface are vulnerable to CSRF attacks: `www/admin/banner-acl.php`, `www/admin/banner-activate.php`, `www/admin/banner-advanced.php`, `www/admin/banner-modify.php`, `www/admin/banner-swf.php`, `www/admin/banner-zone.php`, `www/admin/tracker-modify.php`.
Published: 2017-03-28T02:46:00.000Z
Updated: 2024-08-06T02:50:38.479Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-9454 vulnerable 2026-06-08 05:08:23.938737 Details available
Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The banner image URL for external banners wasn't properly escaped when displayed in most of the banner related pages.
Published: 2017-03-28T02:46:00.000Z
Updated: 2024-08-06T02:50:38.507Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-9130 vulnerable 2026-06-08 05:08:22.626439 Details available
Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The website name wasn't properly escaped when displayed in the campaign-zone.php script.
Published: 2017-03-28T02:46:00.000Z
Updated: 2024-08-06T02:42:10.521Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-9129 vulnerable 2026-06-08 05:08:22.626128 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-9128 vulnerable 2026-06-08 05:08:22.625796 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-9127 vulnerable 2026-06-08 05:08:22.625456 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-9126 vulnerable 2026-06-08 05:08:22.625120 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-9125 vulnerable 2026-06-08 05:08:22.624761 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-9124 vulnerable 2026-06-08 05:08:22.618420 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.