CVSS: 3.1EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9471
https://notcve.org/view.php?id=CVE-2016-9471
28 Mar 2017 — Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't properly sanitised when creating users on a Revive Adserver instance. Especially, control characters were not filtered, allowing apparently identical usernames to co-exist in the system, due to the fact that such characters are normally ignored when an HTML page is displayed in a browser. The issue could have therefore been exploited for user spoofing, although elevated privileges are required to create users wi... • https://github.com/revive-adserver/revive-adserver/commit/05b1eceb • CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9126
https://notcve.org/view.php?id=CVE-2016-9126
28 Mar 2017 — Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames are not properly escaped when displayed in the audit trail widget of the dashboard upon login, allowing persistent XSS attacks. An authenticated user with enough privileges to create other users could exploit the vulnerability to access the administrator account. Revive Adserver en versiones anteriores a 3.2.3 sufre de persistente XSS. Los nombres de usuario no se fugan correctamente cuando se muestran en el widget de seguimiento de auditor... • https://github.com/revive-adserver/revive-adserver/commit/8d8c6df309ff5fde9dd4770abcd4ec5d2449b3ec • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9455
https://notcve.org/view.php?id=CVE-2016-9455
28 Mar 2017 — Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). A number of scripts in Revive Adserver's user interface are vulnerable to CSRF attacks: `www/admin/banner-acl.php`, `www/admin/banner-activate.php`, `www/admin/banner-advanced.php`, `www/admin/banner-modify.php`, `www/admin/banner-swf.php`, `www/admin/banner-zone.php`, `www/admin/tracker-modify.php`. Revive Adserver en versiones anteriores a 3.2.3 sufre de solicitud de falsificación en sitios cruzados (CSRF). Una serie de scripts e... • http://www.securityfocus.com/bid/83964 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9470
https://notcve.org/view.php?id=CVE-2016-9470
28 Mar 2017 — Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected File Download. `www/delivery/asyncspc.php` was vulnerable to the fairly new Reflected File Download (RFD) web attack vector that enables attackers to gain complete control over a victim's machine by virtually downloading a file from a trusted domain. Revive Adserver en versiones anteriores a 3.2.5 y 4.0.0 sufre de Reflected File Download. `www/delivery/asyncspc.php` era vulnerable al relativamente nuevo vector de ataque web Reflected File Downloa... • https://github.com/revive-adserver/revive-adserver/commit/69aacbd2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-254: 7PK - Security Features •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9124
https://notcve.org/view.php?id=CVE-2016-9124
28 Mar 2017 — Revive Adserver before 3.2.3 suffers from Improper Restriction of Excessive Authentication Attempts. The login page of Revive Adserver is vulnerable to password-guessing attacks. An account lockdown feature was considered, but rejected to avoid introducing service disruptions to regular users during such attacks. A random delay has instead been introduced as a countermeasure in case of password failures, along with a system to discourage parallel brute forcing. These systems will effectively allow the valid... • https://github.com/revive-adserver/revive-adserver/commit/847941390f5b3310d51b07c92ec91cc1f4cc82c9 • CWE-287: Improper Authentication CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9125
https://notcve.org/view.php?id=CVE-2016-9125
28 Mar 2017 — Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session identifiers to be forced and, at the same time, by not invalidating the existing session upon a successful authentication. Under some circumstances, that could have been an opportunity for an attacker to steal an authenticated session. Revive Adserver en versiones anteriores a 3.2.3 sufre fijación de la sesión, al permitir que los identificadores de sesión arbitrarios sean forzados, y al mismo tiempo, al no invalidar l... • https://github.com/revive-adserver/revive-adserver/commit/4910365631eabbb208961c36149f41cc8159fb39 • CWE-384: Session Fixation •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9128
https://notcve.org/view.php?id=CVE-2016-9128
28 Mar 2017 — Revive Adserver before 3.2.3 suffers from reflected XSS. The affiliate-preview.php script in www/admin is vulnerable to a reflected XSS attack. This vulnerability could be used by an attacker to steal the session ID of an authenticated user, by tricking them into visiting a specifically crafted URL. Revive Adserver en versiones anteriores a 3.2.3 sufre de XSS reflejado. El script affiliate-preview.php en www/admin es vulnerable a un ataque XSS reflejado. • https://github.com/revive-adserver/revive-adserver/commit/a323fd626627e8d42819fd5b7e2829196b5c54a3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9129
https://notcve.org/view.php?id=CVE-2016-9129
28 Mar 2017 — Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is possible to check whether or not an email address was associated to one or more user accounts on a target Revive Adserver instance by examining the message printed by the password recovery system. Such information cannot however be used directly to log in to the system, which requires a username. Revive Adserver en versiones anteriores a 3.2.3 sufre de exposición de información a través de discrepancia. Es posible comp... • https://github.com/revive-adserver/revive-adserver/commit/38223a841190bebd7a137c7bed84fbbcb2b0c2a5 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9472
https://notcve.org/view.php?id=CVE-2016-9472
28 Mar 2017 — Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected XSS. The Revive Adserver web installer scripts were vulnerable to a reflected XSS attack via the dbHost, dbUser, and possibly other parameters. It has to be noted that the window for such attack vectors to be possible is extremely narrow and it is very unlikely that such an attack could be actually effective. Revive Adserver en versiones anteriores a 3.2.5 y 4.0.0 sufren de XSS reflejado. Los scripts del instalador web de Revive Adserver eran vul... • https://github.com/revive-adserver/revive-adserver/commit/14ff73f0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2017-5830
https://notcve.org/view.php?id=CVE-2017-5830
03 Mar 2017 — Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts. Revive Adserver en versiones anteriores a 4.0.1 permite a atacantes remotos ejecutar código arbitrario a través de datos serializados en las cookies relacionadas con las secuencias de comandos de entrega. • http://www.openwall.com/lists/oss-security/2017/02/02/3 • CWE-502: Deserialization of Untrusted Data •