Tenable8607.PRMRevive Adserver < 3.1.0 Multiple Vulnerabilities
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
83.1%
The remote host is running Revive Adserver, an open source PHP-based Ad serving system. This version of Revive Adserver is vulnerable to the following:
-
A denial-of-service vulnerability that occurs in the ‘XML-RPC’ implementation. Specifically, the issue affects the ‘XML/RPC.php’ script. (CVE-2014-8875)
-
A cross-site scripting vulnerability because Revive fails to properly sanitize user-supplied input. Specifically, this issue affects the ‘refresh_page’ parameter of the ‘/www/admin/report-generate.php’ script. (CVE-2014-8793)
Binary data 8607.prmRelated
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
83.1%