Jump to content

Revive not allowed with my provider?

Recommended Posts

After installing Revive with only denial of the ZIPped plugins, i can run Revive but the security system of the provider called COMODO WAF is reporting Revive as a vulnerability to their system:

This is the report:

[Mon Oct 15 14:22:08.593756 2018] [:error] [pid 1799253:tid 140005489911552] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:(?:advertiser|campaign|affiliate|zone|channel)\\\\-edit|account\\\\-user\\\\-(?:name\\\\-language|email|password))\\\\.php$" at REQUEST_FILENAME. [file "/usr/local/cwaf/rules/32_Apps_OtherApps.conf"] [line "1387"] [id "240530"] [rev "3"] [msg "COMODO WAF: CSRF protection bypass in Revive Adserver before 3.2.2 (CVE-2015-7364)||www.bannerserver.nl|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.bannerserver.nl"] [uri "/www/admin/advertiser-edit.php"] [unique_id "W8SGcHrHq69UgJn5sExDtwAAACA"], referer: http://www.bannerserver.nl/www/admin/advertiser-edit.php 

This is popping up at the logs of my provider after i saved a new advertiser. At the browse i get a Forbidden message....

Can anybody shine his light on this?

Link to comment
Share on other sites

  • 2 years later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...