Overview A critical security vulnerability, identified as CVE-2025-52670, has been discovered in Revive Adserver. This flaw affects versions 5.5.2 and 6.0.1 and earlier. The vulnerability stems from a missing authorization check, which allows authenticated users within the system to delete banners owned by other accounts. This poses a significant risk to the integrity of advertising campaigns and data security. Technical Details The vulnerability lies in the absence of proper authorization checks before allowing a user to delete a banner. Normally, the system should verify that the user attempting to delete a banner has the necessary permissions (e.g., being the owner…
-
-
Overview CVE-2025-52669 identifies a vulnerability in Revive Adserver versions 5.5.2 and 6.0.1 and earlier, related to insecure design policies within the user management system. This flaw allows non-administrative users to access the contact names and email addresses of other users on the system. While this may not grant full administrative access, it represents a significant data exposure risk. Technical Details The vulnerability stems from insufficient access control checks in the user management interface. Specifically, the system fails to adequately restrict access to user details, allowing non-admin users to query and retrieve contact information of other users through the application’s interface…
-
Overview A significant security vulnerability, identified as CVE-2025-52668, has been discovered in Revive Adserver. This vulnerability affects versions 5.5.2 and 6.0.1 and potentially earlier versions. The issue stems from improper input neutralization within the stats-conversions.php script, making it susceptible to a stored Cross-Site Scripting (XSS) attack. Successful exploitation of this vulnerability could lead to information disclosure and session hijacking, compromising the security of your Revive Adserver instance and advertising campaigns. Technical Details The vulnerability lies within the stats-conversions.php script. Insufficient sanitization of user-supplied input allows an attacker to inject malicious JavaScript code into the application’s database. When other users access…
-
Overview CVE-2025-52667 describes a stored Cross-Site Scripting (XSS) vulnerability found in Revive Adserver versions 6.0.1 and 5.5.2 and earlier. The vulnerability stems from a missing JSON Content-Type header in a specific script. This omission allows a logged-in manager user to inject malicious scripts that are then stored on the server and executed when other users (potentially with higher privileges) access the affected page. This can lead to account compromise, data theft, or other malicious activities. Technical Details The vulnerability arises due to the server’s failure to explicitly set the Content-Type header to application/json when serving JSON data from a particular…
-
Overview CVE-2025-52666 describes a vulnerability found in Revive Adserver versions 5.5.2 and 6.0.1 and earlier. This vulnerability allows an administrator user to unintentionally disable the admin user console due to a fatal PHP error. This is caused by improper neutralization of format characters within the settings, leading to a denial-of-service condition for the administrative interface. Technical Details The vulnerability stems from the inadequate sanitization of input provided to certain settings within the Revive Adserver administration panel. An attacker, assuming they have administrator privileges, can inject format string specifiers (e.g., %s, %d, %x) into a vulnerable setting field. When this setting…
-
Overview A reflected Cross-Site Scripting (XSS) vulnerability, identified as CVE-2025-48987, has been discovered in Revive Adserver versions 5.5.2 and 6.0.1 and earlier. This vulnerability stems from improper neutralization of user-supplied input, potentially allowing attackers to inject malicious scripts into the application and execute them in the context of a user’s browser. This can lead to session hijacking, sensitive data theft, or defacement of the ad server interface. Technical Details The vulnerability arises from the application’s failure to properly sanitize user input before reflecting it back in the response. An attacker can craft a malicious URL or inject a script into…
-
Overview CVE-2025-48986 describes an authorization bypass vulnerability affecting Revive Adserver versions 5.5.2 and 6.0.1 and earlier. This vulnerability allows an authenticated attacker to modify the email address of other users and potentially gain full control of their accounts by leveraging the password reset functionality. Technical Details The vulnerability stems from insufficient authorization checks when handling user profile updates. Specifically, an authenticated user can manipulate requests to change the email address associated with another user’s account. After successfully changing the email, the attacker can then trigger the “forgot password” functionality. A password reset link is sent to the attacker-controlled email address,…
-
Overview CVE-2025-35029 describes a stored cross-site scripting (XSS) vulnerability discovered in Medical Informatics Engineering’s Enterprise Health software. This vulnerability allows an authenticated attacker to inject malicious JavaScript code into the ‘Demographic Information’ page of the application. When a user views the affected page, the injected script will execute, potentially leading to data theft, session hijacking, or other malicious activities. The vulnerability was patched on March 14, 2025. It is critical for organizations using affected versions of Enterprise Health to apply the available update as soon as possible. Technical Details The vulnerability stems from insufficient input sanitization on the ‘Demographic Information’…
-
Overview CVE-2025-63700 identifies a security vulnerability in Clerk-js version 5.88.0. This flaw allows attackers to potentially bypass the OAuth authentication flow by manipulating requests during the One-Time Password (OTP) verification stage. This bypass can lead to unauthorized access to user accounts and sensitive data. Technical Details The vulnerability resides in the OTP verification process within Clerk-js 5.88.0. An attacker can intercept and modify the request sent to the server during OTP verification. By manipulating specific parameters within this request, the attacker can circumvent the intended authentication checks, effectively bypassing the OAuth flow and gaining unauthorized access as another user. The…
-
Overview CVE-2025-55128 describes an uncontrolled resource consumption vulnerability found in the userlog-index.php file. This vulnerability allows an attacker with access to the administrative interface to potentially trigger a denial-of-service (DoS) condition. The issue stems from the ability to request an arbitrarily large number of items per page, overwhelming server resources. This vulnerability was reported by HackerOne community member Dao Hoang Anh (yoyomiski) and publicly disclosed on 2025-11-20. Technical Details The userlog-index.php file likely provides a user interface for viewing and managing user activity logs. The vulnerability exists because the application doesn’t properly sanitize or limit the number of items requested…