Revive Adserver - HackerOne Reports
View on HackerOne22
Total Reports
2
Critical
2
High
9
Medium
7
Low
Reflected XSS in Step 2 of the Installation
Reported by:
pavanw3b
|
Disclosed:
Weakness: Cross-site Scripting (XSS) - Generic
Reflected XSS on /admin/stats.php
Reported by:
solov9ev
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Reflected XSS on /admin/campaign-zone-zones.php
Reported by:
solov9ev
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Reflected XSS on /admin/stats.php
Reported by:
solov9ev
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Open redirection bypass in /www/admin/campaign-modify.php
Reported by:
hoangn14
|
Disclosed:
Low
Weakness: Open Redirect
Weak Forgot Password implementation
Reported by:
pavanw3b
|
Disclosed:
Low
Weakness: Improper Authentication - Generic
Deserialization of Untrusted Data in www/delivery/adxmlrpc.php
Reported by:
mbeccati
|
Disclosed:
Critical
Weakness: Deserialization of Untrusted Data
Stored XSS on Admin Access Page - Email field
Reported by:
pavanw3b
|
Disclosed:
High
Weakness: Cross-site Scripting (XSS) - Generic
Cross Site Scripting and Open Redirect in affiliate-preview.php file
Reported by:
keyurvala
|
Disclosed:
Low
Weakness: Open Redirect
bypass old password with array in /admin/account-user-email.php
Reported by:
hoangn14
|
Disclosed:
Low
Weakness: Array Index Underflow
Reflected XSS on /admin/stats.php
Reported by:
solov9ev
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Reflected XSS on /admin/userlog-index.php
Reported by:
solov9ev
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Reflected XSS on www/delivery/afr.php
Reported by:
jacopotediosi
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Authentication Bypass by abusing Insecure crypto tokens in /lib/OA/Dal/PasswordRecovery.php:
Reported by:
paulos__
|
Disclosed:
High
Weakness: Improper Authentication - Generic
Reflected XSS on /www/delivery/afr.php (bypass of report #775693)
Reported by:
axfla
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Open redirect in switch account functionality
Reported by:
sumni
|
Disclosed:
Low
Weakness: Open Redirect
Reflected XSS on Zones > Invocation Code
Reported by:
pavanw3b
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - Generic
Open redirect in ck.php and lg.php
Reported by:
mbeccati
|
Disclosed:
Medium
Weakness: Open Redirect
Login page password-guessing attack
Reported by:
karan
|
Disclosed:
Weakness: Violation of Secure Design Principles
Multiple cross-site scripting (XSS) vulnerabilities in Revive Adserver
Reported by:
l4stb1t
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - Generic
Page 1 of 2
Next