Adserver

CVEs (3)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2026-34914	Revive Adserver	—	—	Jun 23, 2026	A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier. A low‑privileged user could exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all parameters…
CVE-2026-44958	Revive Adserver	—	—	Jun 23, 2026	An access control bypass allows an advertiser‑level user to activate or deactivate a banner in Revive Adserver 6.0.6 and earlier, even when such permissions were not granted. The banner-edit.php script allowed the banner status to be overwritten solely based on banner edit…
CVE-2026-34915	Revive Adserver	—	—	Jun 23, 2026	A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier could allow a low‑privileged user to exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all…

CVE-2026-34914Jun 23, 2026
Revive
Adserver
risk 0.00cvss —epss —
A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier. A low‑privileged user could exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all parameters…
CVE-2026-44958Jun 23, 2026
Revive
Adserver
risk 0.00cvss —epss —
An access control bypass allows an advertiser‑level user to activate or deactivate a banner in Revive Adserver 6.0.6 and earlier, even when such permissions were not granted. The banner-edit.php script allowed the banner status to be overwritten solely based on banner edit…
CVE-2026-34915Jun 23, 2026
Revive
Adserver
risk 0.00cvss —epss —
A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier could allow a low‑privileged user to exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all…