Showing 1 - 22 of 22

Files from Matteo Beccati

Email address	php at beccati.com
First Active	2005-08-18
Last Active	2021-01-27

Revive Adserver 5.1.0 Cross Site Scripting: Posted Jan 27, 2021; Authored by Matteo Beccati; Revive Adserver versions 5.1.0 and below suffer from multiple reflective cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2021-22874, CVE-2021-22875; SHA-256 | 190f88d88bd59a6e458fe50325d73d4011e9b7ef2b33f6962a495f46bb142f9a; Download | Favorite | View

Revive Adserver 5.0.5 Cross Site Scripting / Open Redirect: Posted Jan 24, 2021; Authored by Matteo Beccati; Revive Adserver versions 5.0.5 and below suffer from persistent and reflective cross site scripting and open redirection vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2021-22871, CVE-2021-22872, CVE-2021-22873; SHA-256 | c7f57ec7a0fdc03032ccbfb85e6d682a3160156a7e0330b675338dfa1a77d605; Download | Favorite | View

Revive Adserver 5.0.4 Security Bypass / Open Redirect: Posted Mar 13, 2020; Authored by Matteo Beccati; Revive Adserver versions 5.0.4 and below suffer from bypass and open redirection vulnerabilities.; tags | exploit, vulnerability; SHA-256 | 227caed18cd585592cab071fd8f1e1b5744e03d59567da8593f7ac4670aeab32; Download | Favorite | View

Revive Adserver 5.0.3 Cross Site Scripting: Posted Jan 21, 2020; Authored by Matteo Beccati; Revive Adserver versions 5.0.3 and below suffer from a cross site scripting vulnerability.; tags | advisory, xss; SHA-256 | 922080ca1f34d8cf660fbf7ec1e6625e52661b9d2efa943f1d6be87329bdab11; Download | Favorite | View

Revive Adserver Weak PRNG Cryptography: Posted May 21, 2019; Authored by Matteo Beccati; Revive Adserver versions prior to 4.2.1 make use of a cryptographically weak pseudo-random number generator.; tags | advisory; SHA-256 | feabf4f5898a355332369c41662b3e060d381adec2eedf985f89fc2676ad6cbd; Download | Favorite | View

Revive Adserver Deserialization / Open Redirect: Posted Apr 29, 2019; Authored by Matteo Beccati; Revive Adserver versions prior to 4.2.0 suffers from deserialization and open redirection vulnerabilities.; tags | exploit, vulnerability; SHA-256 | 78026c25e3a914b02abb72a3cdb24b90933a9d60bd9adec3c0931a7bb0710202; Download | Favorite | View

Revive Adserver 4.0.0 XSS / Deserialization / Session Fixation: Posted Jan 31, 2017; Authored by Matteo Beccati; Revive Adserver versions 4.0.0 and below suffer from cross site scripting, session fixation, and deserialization of untrusted data vulnerabilities.; tags | advisory, vulnerability, xss; SHA-256 | 49fc47c53b039e7dd7aa51c531ed2ea56ab25e997650a7d59f9e2c32e722f087; Download | Favorite | View

Revive Adserver 3.2.4 XSS / File Download / Element Injection: Posted Sep 29, 2016; Authored by Matteo Beccati; Revive Adserver versions 3.2.4 and below suffers from reflected file download, cross site scripting, and special element injection.; tags | advisory, xss; SHA-256 | b2af95d062de5bdc30f259d6beea9ba5dac6df00433eebde912fe2a5cbc3d161; Download | Favorite | View

Revive Adserver 3.2.2 Session Fixation / XSS / CSRF: Posted Mar 3, 2016; Authored by Matteo Beccati; Revive Adserver versions 3.2.2 and below suffer from cross site request forgery, lack of brute force controls, session fixation, information exposure, and multiple cross site scripting vulnerabilities.; tags | advisory, vulnerability, xss, csrf; SHA-256 | 9eca0a9a06ce2eb6e30eada22b5590b69c13dcb9f77ce7e219cf71f70634c6b0; Download | Favorite | View

Revive Adserver 3.2.1 CSRF / XSS / Local File Inclusion: Posted Oct 7, 2015; Authored by Matteo Beccati; Revive Adserver versions 3.2.1 and below suffer from improper access controls, cross site request forgery, cross site scripting, local file inclusion, and various other vulnerabilities.; tags | advisory, local, vulnerability, xss, file inclusion, csrf; advisories | CVE-2015-7364, CVE-2015-7365, CVE-2015-7366, CVE-2015-7367, CVE-2015-7368, CVE-2015-7369, CVE-2015-7370, CVE-2015-7371, CVE-2015-7372, CVE-2015-7373; SHA-256 | f3c53ca4f0d760cffde26a8a7bbe06712810d8fb32dabf303255604dc56e2372; Download | Favorite | View

Revive Adserver 3.0.5 Cross Site Scripting / Denial Of Service: Posted Dec 17, 2014; Authored by Matteo Beccati; Revive Adserver versions 3.0.5 and below suffer from cross site scripting and denial of service vulnerabilities.; tags | exploit, denial of service, vulnerability, xss; advisories | CVE-2014-8793, CVE-2014-8875; SHA-256 | 426d31d0ab499fd7fc3744cc62332ca5f6570b56efa55e8d3a6d2ee8a1493b38; Download | Favorite | View

Revive Adserver 3.0.4 Cross Site Request Forgery: Posted May 16, 2014; Authored by Matteo Beccati; Revive Adserver version 3.0.4 and below suffer from multiple cross site request forgery vulnerabilities.; tags | advisory, vulnerability, csrf; advisories | CVE-2013-5954; SHA-256 | 69d5babec7b6252d42e27eec7c6a50d3dbd12263d8c536e4717b434d03fb885d; Download | Favorite | View

Revive Adserver 3.0.1 SQL Injection: Posted Dec 20, 2013; Authored by Matteo Beccati; Revive Adserver versions 3.0.1 and below suffer from a remote SQL injection vulnerability. The XML-RPC delivery invocation script was failing to escape its input parameters in the same way the other delivery methods do, allowing attackers to inject arbitrary SQL code via the "what" parameter of the delivery XML-RPC methods. Also, the escaping technique used to handle such parameter in the delivery scripts was based on the addslashes PHP function and has now been upgraded to use the dedicated escaping functions for the database in use.; tags | advisory, remote, arbitrary, php, sql injection; advisories | CVE-2013-7149; SHA-256 | aae6d650022d7cd159dfd9c7aa3425dd04b9ca82313106207d0a48c48043025f; Download | Favorite | View

OpenX SQL INjection / XSS: Posted Apr 2, 2009; Authored by Matteo Beccati | Site openx.org; OpenX suffers from SQL injection, cross site scripting, CRLF injection, and file deletion vulnerabilities. Versions equal to or below 2.4.10, 2.6.4, and 2.7.29-beta are affected.; tags | advisory, vulnerability, xss, sql injection; SHA-256 | 3008336de55fded676c45f8bbe537ed29f64acbae2e966f96f08303497d99589; Download | Favorite | View

OpenX Security Advisory - XSS / SQL Injection / Directory Traversal: Posted Jan 30, 2009; Authored by Matteo Beccati | Site openx.org; OpenX versions 2.4.9 and below and versions 2.6.3 and below suffer from cross site scripting, SQL injection, and directory traversal vulnerabilities.; tags | advisory, vulnerability, xss, sql injection; advisories | CVE-2009-0291; SHA-256 | 1832f2bf4c9549691dc54114426b945ebc52efd40a6911f23a26b27c4143a951; Download | Favorite | View

OPENX-SA-2008-002.txt: Posted Oct 8, 2008; Authored by Matteo Beccati; OpenX versions 2.6.1 and below and versions 2.4.8 and below suffer from a blind remote SQL injection vulnerability in ac.php.; tags | advisory, remote, php, sql injection; SHA-256 | b0e453984721b6268aa695ae2464d67ef48038fdeb409306801a2828dfc5c253; Download | Favorite | View

OPENADS-SA-2008-001.txt: Posted Feb 4, 2008; Authored by Matteo Beccati | Site openads.org; Openads versions prior to 2.4.3 suffer from a PHP code injection and execution vulnerability.; tags | advisory, php; SHA-256 | 3b8e9656dab62e6fe6a16d9ba5b32ecb9895b49a521e943ff12d6cf3cda618ee; Download | Favorite | View

OPENADS-SA-2007-004.txt: Posted Apr 17, 2007; Authored by Matteo Beccati | Site openads.org; Max Media Manager versions 0.1.29-rc and below and 0.3.31-alpha-pr2 and below suffer from HTTP response splitting vulnerabilities.; tags | advisory, web, vulnerability; SHA-256 | e45c478c078f852b6c2dffaa38f4e11272c6bb69ac0e93123533a7cb22f6a90f; Download | Favorite | View

OPENADS-SA-2007-003.txt: Posted Apr 17, 2007; Authored by Matteo Beccati | Site openads.org; Openads versions 2.0.11 and below suffers from HTTP response splitting attacks.; tags | advisory, web; SHA-256 | 53403817f5a46e40bb752ec4d5b071f12971a2957d3bc49af38869f853f922b5; Download | Favorite | View

PHPADSNEW-SA-2006-001.txt: Posted Apr 1, 2006; Authored by Matteo Beccati | Site phpadsnew.com; phpAdsNew and phpPgAds versions 2.0.7 and below suffer from multiple html injection and cross site scripting flaws.; tags | advisory, xss; SHA-256 | a793dcd9aecab47b9733118eb9d5787b238bd31ae7895adab51cebd13368c481; Download | Favorite | View

PHPADSNEW-SA-2005-002.txt: Posted Nov 20, 2005; Authored by Matteo Beccati | Site phpadsnew.com; phpAdsNew and phpPgAds versions 2.0.6 and below suffer from SQL injection, HTTP response splitting, and path disclosure flaws.; tags | advisory, web, sql injection; SHA-256 | cc54c367b1dd5d4187fc18555121f8a95684f16cc6b4251c7e091c02aad54394; Download | Favorite | View

PHPADSNEW-SA-2005-001.txt: Posted Aug 18, 2005; Authored by Matteo Beccati | Site phpadsnew.com; phpAdsNew and phpPgAds versions 2.0.5 and below suffer from arbitrary command execution, SQL injection, and various other flaws.; tags | advisory, arbitrary, sql injection; SHA-256 | f6f37d6d21bfc6b7554889b68c9f913aaca557b529dc0afcabbdf7cc88811289; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 57 files
LiquidWorm 23 files
Debian 19 files
indoushka 15 files
Apple 9 files
Google Security Research 5 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Files from Matteo Beccati

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems