Security Advisory - Published 2026-06-24 - Revive Adserver
Revive Adserver 6.0.6 and earlier: check zones, delivery limits, and compiled rules
This batch of Revive Adserver issues affects low-privilege adserver operations that can still touch sensitive zone or delivery-limit logic. Patch first, then review account changes, campaign edits, compiled limitation records, and web/PHP logs.
Affected versions
| CVE | Issue | Affected | Fixed | CVSS |
|---|---|---|---|---|
| CVE-2026-34916 | PHP code injection through delivery limitation logical parameter | <= 6.0.6 | 6.0.7 | 8.8 |
| CVE-2026-44959 | PHP code injection through unexpected delivery limitation component | <= 6.0.6 | 6.0.7 | 8.8 |
| CVE-2026-34914 | Blind SQL injection in zone-include.php clientid handling | <= 6.0.6 | 6.0.7 | 8.3 |
| CVE-2026-34915 | Reflected XSS in zone-include.php clientid handling | <= 6.0.6 | 6.0.7 | 6.1 |
Owner self-check
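```sh
# Locate Revive Adserver installs and version markers
grep -Rni 'Revive Adserver\|openx\|MAX_PRODUCT_VERSION' . 2>/dev/null | head -80
# Recent references to the affected endpoint and compiled limitation data
grep -Rni 'zone-include\.php\|compiledlimitations\|delivery limitations\|clientid' var logs www 2>/dev/null | tail -180
# Files changed in the last 10 days that match affected code or logs
find . -type f -mtime -10 2>/dev/null | grep -E 'zone-include\.php|delivery|compiled|\.log$|\.php$'
# Write activity touching compiled limitations, clientid, or components
grep -Rni 'INSERT\|UPDATE\|compiledlimitations\|clientid\|component' var logs storage 2>/dev/null | tail -180
```
What to review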
- Revive Adserver version and whether any public files still run 6.0.6 or earlier.
- Low-privilege user activity, changed delivery limitations, changed campaigns, and changed zone assignments.
- Database records that store compiled delivery limitation logic.
- PHP error logs, ad delivery logs, and unusual access to zone include endpoints.
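One way to review access logs for unusual requests to the zone include endpoint, as an added example that is not part of the original advisory or of Revive Adserver: flag zone-include.php requests whose clientid is not a plain decimal integer. It assumes combined-format access logs and that legitimate clientid values are integers; the function name, paths, addresses, and log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request and status fields of a common/combined access log line.
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# Assumption: a legitimate clientid is a short decimal integer.
INTEGER_RE = re.compile(r"[0-9]{1,10}")

def suspicious_clientid_requests(lines):
    """Return (line_no, client_ip, status, decoded_clientid) for each
    zone-include.php request whose clientid is not a plain integer."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a parsable request line
        url = urlsplit(match.group("target"))
        if not unquote(url.path).lower().endswith("/zone-include.php"):
            continue
        # parse_qs percent-decodes values, so encoded input is compared decoded.
        values = parse_qs(url.query, keep_blank_values=True).get("clientid", [])
        client_ip = line.split(" ", 1)[0]
        for value in values:
            if not INTEGER_RE.fullmatch(value):
                findings.append((line_no, client_ip, match.group("status"), value))
    return findings

# Constructed sample lines (documentation address ranges, placeholder values).
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Jun/2026:10:01:02 +0000] "GET /adserver/www/admin/'
    'zone-include.php?affiliateid=3&zoneid=7&clientid=12 HTTP/1.1" 200 5120',
    '198.51.100.23 - - [20/Jun/2026:10:04:40 +0000] "GET /adserver/www/admin/'
    'zone-include.php?affiliateid=3&zoneid=7&clientid=12%20PLACEHOLDER HTTP/1.1" 200 5090',
    '198.51.100.23 - - [20/Jun/2026:10:04:41 +0000] "GET /adserver/www/admin/'
    'zone-include.php?zoneid=7&clientid=PLACEHOLDER_NON_INTEGER HTTP/1.1" 500 312',
    '192.0.2.10 - - [20/Jun/2026:10:05:00 +0000] "GET /adserver/www/admin/'
    'campaign-edit.php?clientid=abc HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for line_no, ip, status, value in suspicious_clientid_requests(SAMPLE_LOG):
        print(f"line {line_no}: {ip} status={status} clientid={value!r}")
```

Only query-string parameters appear in access logs, so requests that carry clientid in a POST body need application or WAF logs instead.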
Safe fix path
- Upgrade Revive Adserver to 6.0.7 or newer.
- Temporarily restrict user roles that can edit campaigns, zones, or delivery limitations during review.
- Preserve database and web logs before clearing caches or rebuilding compiled rules.
- Rotate administrator passwords and API keys if suspicious delivery changes or PHP errors appear.
Repair help
Use Ping7 CVE Repair when an exposed Revive Adserver instance has changed campaigns, unexpected compiled limitation records, or unclear PHP errors around the patch window.