Test ID:	1.3.6.1.4.1.25623.1.0.805415
Category:	Web application abuses
Title:	Revive Adserver Multiple Vulnerabilities
Summary:	Revive Adserver is prone to multiple vulnerabilities.
Description:	Summary: Revive Adserver is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - insufficient sanitization of input passed via the 'refresh_page' GET parameter to 'report-generate.php' script. - insufficient sanitization of input by The XML_RPC_cd function in lib/pear/XML/RPC.php in Revive Adserver. Vulnerability Impact: Successful exploitation will allow remote attackers to cause a denial of service and inject arbitrary web script or HTML. Affected Software/OS: Revive Adserver version 3.0.5 and prior. Solution: Upgrade to Revive Adserver version 3.0.6 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8875 BugTraq ID: 71721 http://www.securityfocus.com/bid/71721 Bugtraq: 20141217 [REVIVE-SA-2014-002] Revive Adserver 3.0.6 and 3.1.0 fix multiple vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/534264/100/0/threaded http://packetstormsecurity.com/files/129621/Revive-Adserver-3.0.5-Cross-Site-Scripting-Denial-Of-Service.html Common Vulnerability Exposure (CVE) ID: CVE-2014-8793 BugTraq ID: 71718 http://www.securityfocus.com/bid/71718 Bugtraq: 20141217 Cross-Site Scripting (XSS) in Revive Adserver (Google Search) http://www.securityfocus.com/archive/1/534269/100/0/threaded http://packetstormsecurity.com/files/129622/Revive-Adserver-3.0.5-Cross-Site-Scripting.html https://www.htbridge.com/advisory/HTB23242
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.