Jump to content
Willem Luijk

Revive not allowed with my provider?

Recommended Posts

After installing Revive with only denial of the ZIPped plugins, i can run Revive but the security system of the provider called COMODO WAF is reporting Revive as a vulnerability to their system:

This is the report:

[Mon Oct 15 14:22:08.593756 2018] [:error] [pid 1799253:tid 140005489911552] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:(?:advertiser|campaign|affiliate|zone|channel)\\\\-edit|account\\\\-user\\\\-(?:name\\\\-language|email|password))\\\\.php$" at REQUEST_FILENAME. [file "/usr/local/cwaf/rules/32_Apps_OtherApps.conf"] [line "1387"] [id "240530"] [rev "3"] [msg "COMODO WAF: CSRF protection bypass in Revive Adserver before 3.2.2 (CVE-2015-7364)||www.bannerserver.nl|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.bannerserver.nl"] [uri "/www/admin/advertiser-edit.php"] [unique_id "W8SGcHrHq69UgJn5sExDtwAAACA"], referer: http://www.bannerserver.nl/www/admin/advertiser-edit.php 

This is popping up at the logs of my provider after i saved a new advertiser. At the browse i get a Forbidden message....

Can anybody shine his light on this?

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...