4.3

CVSS3.0

CVE-2025-52671 -

Debug information disclosure in the SQL error message to in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes non-admin users to acquire information about the software, PHP and database versions currently in use.

πŸ“… Published: Nov. 20, 2025, 7:10 p.m. πŸ”„ Last Modified: Dec. 2, 2025, 8:05 p.m.

2.7

CVSS3.0

CVE-2025-52666 -

Improper neutralisation of format characters in the settings of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an administrator user to disable the admin user console due to a fatal PHP error.

πŸ“… Published: Nov. 20, 2025, 7:10 p.m. πŸ”„ Last Modified: Dec. 2, 2025, 8:31 p.m.

4.3

CVSS3.0

CVE-2025-52669 -

Insecure design policies in the user management system of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes non-admin users to have access to the contact name and email address of other users on the system.

πŸ“… Published: Nov. 20, 2025, 7:10 p.m. πŸ”„ Last Modified: Dec. 2, 2025, 8:19 p.m.

6.1

CVSS3.0

CVE-2025-55124 -

Improper neutralisation of input in Revive Adserver 6.0.0+ causes a reflected XSS attack in the banner-zone.php script.

πŸ“… Published: Nov. 20, 2025, 7:10 p.m. πŸ”„ Last Modified: Nov. 26, 2025, 4:56 p.m.

6.5

CVSS3.1

CVE-2025-52670 -

Missing authorization check in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes users on the system to delete banners owned by other accounts

πŸ“… Published: Nov. 20, 2025, 7:10 p.m. πŸ”„ Last Modified: Dec. 2, 2025, 8:17 p.m.

5.4

CVSS3.1

CVE-2025-52667 -

Missing JSON Content-Type header in a script in Revive Adserver 6.0.1 and 5.5.2 and earlier versions causes a stored XSS attack to be possible for a logged in manager user.

πŸ“… Published: Nov. 20, 2025, 7:10 p.m. πŸ”„ Last Modified: Dec. 2, 2025, 8:24 p.m.

6.5

CVSS3.0

CVE-2025-55126 -

HackerOne community member Dang Hung Vi (vidang04) has reported a stored XSS vulnerability involving the navigation box at the top of advertiser-related pages, with campaign names being the vector for the stored XSS

πŸ“… Published: Nov. 20, 2025, 7:07 p.m. πŸ”„ Last Modified: Jan. 14, 2026, 9:16 p.m.

5.4

CVSS3.1

CVE-2025-55127 -

HackerOne community member Dao Hoang Anh (yoyomiski) has reported an improper neutralization of whitespace in the username when adding new users. A username with leading or trailing whitespace could be virtually indistinguishable from its legitimate counterpart when the username is displayed in the…

πŸ“… Published: Nov. 20, 2025, 7:07 p.m. πŸ”„ Last Modified: Jan. 14, 2026, 9:18 p.m.

6.5

CVSS3.0

CVE-2025-55128 -

HackerOne community member Dang Hung Vi (vidang04) has reported an uncontrolled resource consumption vulnerability in the β€œuserlog-index.php”. An attacker with access to the admin interface could request an arbitrarily large number of items per page, potentially leading to a denial of service.

πŸ“… Published: Nov. 20, 2025, 7:06 p.m. πŸ”„ Last Modified: Jan. 14, 2026, 9:23 p.m.

9.4

CVSS4.0

CVE-2025-10571 - ABB Ability Edgenius Authentication Bypass

Authentication Bypass Using an Alternate Path or Channel vulnerability in ABB ABB Ability Edgenius.This issue affects ABB Ability Edgenius: 3.2.0.0, 3.2.1.1.

πŸ“… Published: Nov. 20, 2025, 6:06 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 2948 of 34,919
Β« previous page Β» next page
Filters