Description

Improper neutralisation of format characters in the settings of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an administrator user to disable the admin user console due to a fatal PHP error.

Remediation

References

CVE-2025-52666

Related Vulnerabilities

MongoDb Improper Input Validation Vulnerability (CVE-2019-2389)

WordPress Plugin iFrame Admin Pages 'url' Parameter Cross-Site Scripting (0.1)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3543)

WordPress Plugin Google Analytics Counter Tracker PHP Object Injection (3.4.0)

e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10378)

Severity

Low

Classification

CVE-2025-52666 CWE-134 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

Tags

Missing Update Known Vulnerabilities