Https

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:https://github.com/revive-adserver/revive-adserver:*:*:*:*:*:*:*:*

part: a version: //github.com/revive-adserver/revive-adserver update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductHttps (b65e66a1-fb16-5533-954b-05eeb21e718a)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2021-22948 vulnerable 2026-06-08 05:30:02.010892 Details available
Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the cryptographically insecure uniqid() PHP function. Under some circumstances, an attacker could theoretically be able to brute force session IDs in order to take over a specific account.
Published: 2021-09-23T12:44:20.000Z
Updated: 2024-08-03T18:58:26.133Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-22889 vulnerable 2026-06-08 05:30:01.743580 Details available
Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the `statsBreakdown` parameter of stats.php (and possibly other scripts) due to single quotes not being escaped. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking on a specifically crafted URL and pressing a certain key combination to execute injected JavaScript code.
Published: 2021-03-25T19:40:55.000Z
Updated: 2024-08-03T18:58:24.797Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-22888 vulnerable 2026-06-08 05:30:01.743215 Details available
Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the `status` parameter of campaign-zone-zones.php. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking on a specifically crafted URL and execute injected JavaScript code.
Published: 2021-03-25T19:40:41.000Z
Updated: 2024-08-03T18:58:25.459Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-22875 vulnerable 2026-06-08 05:30:01.672659 Details available
Revive Adserver before 5.1.1 is vulnerable to a reflected XSS vulnerability in stats.php via the `setPerPage` parameter.
Published: 2021-01-28T16:12:14.000Z
Updated: 2024-08-03T18:51:07.627Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-22874 vulnerable 2026-06-08 05:30:01.672349 Details available
Revive Adserver before 5.1.1 is vulnerable to a reflected XSS vulnerability in userlog-index.php via the `period_preset` parameter.
Published: 2021-01-28T16:09:23.000Z
Updated: 2024-08-03T18:51:07.505Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-22873 vulnerable 2026-06-08 05:30:01.672026 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-22872 vulnerable 2026-06-08 05:30:01.671620 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-22871 vulnerable 2026-06-08 05:30:01.670122 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-8143 vulnerable 2026-06-08 05:27:14.951965 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-8142 vulnerable 2026-06-08 05:27:14.951427 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-8115 vulnerable 2026-06-08 05:27:14.834217 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.