Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Session fixation vulnerability in the forgot password mechanism in Revive Adserver before 4.0.1, when setting a new password, allows remote attackers to hijack web sessions via the session ID.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Revive Adserver 安全漏洞
Vulnerability Description
Revive Adserver是Revive Adserver团队的一套开源的广告管理系统。该系统提供广告投放、广告位管理、数据统计等功能。 Revive Adserver 4.0.0之前的的版本中的forgot password机制存在会话固定漏洞。远程攻击者可借助会话ID利用该漏洞劫持Web会话。
CVSS Information
N/A
Vulnerability Type
N/A