HackerOne Bug Bounty Disclosure: error-based-time-based-sql-injection-in-keyword-parameter-of-admin-search-php-allowing-full-database-access-in-revive-adserver-v-kanon

October 24, 2025

Company Name:
Revive Adserver

Company HackerOne URL:
https://hackerone.com/revive_adserver

Submitted By:
kanon4

Link to Submitters Profile:
https://hackerone.com/kanon4

Report Title:
Error-Based & Time-Based SQL Injection in ‘keyword’ Parameter of admin-search[.]php Allowing Full Database Access in Revive Adserver v6[.]0[.]0

Report Link:
https://hackerone.com/reports/3395221

Date Submitted:
24 October 2025

Support Our Work

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on Patreon or Buy Me A Coffee using the buttons below.

AI APIs OSINT driven New features
Buy Me A Coffee Patreon
Tags:

You may have missed

hackerone

HackerOne Bug Bounty Disclosure: error-based-time-based-sql-injection-in-keyword-parameter-of-admin-search-php-allowing-full-database-access-in-revive-adserver-v-kanon

October 24, 2025
image

[WORLDLEAKS] – Ransomware Victim: Essilor of America

October 24, 2025
image

[WORLDLEAKS] – Ransomware Victim: Peruvian Connection

October 24, 2025
image

[WORLDLEAKS] – Ransomware Victim: Summit Hotel Properties

October 24, 2025
image

CVE Alert: CVE-2025-10861 – roxnor – Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers

October 24, 2025