Reports in revive adserver program: S.No Title Bounty 1 Weak Forgot Password implementation $0.0 2 Reflected XSS on Zones > Invocation Code $0.0 3 Stored XSS on Admin Access Page - Email field $0.0 4 Reflected XSS in Step 2 of the Installation $0.0 5 Open redirect in switch account functionality $0.0 6 Deserialization of Untrusted Data in www/delivery/dxmlrpc.php $0.0 7 Deserialization of Untrusted Data in www/delivery/adxmlrpc.php $0.0 8 Authentication Bypass by abusing Insecure crypto tokens in /lib/OA/Dal/PasswordRecovery.php: $0.0 9 Reflected XSS on www/delivery/afr.php $0.0 10 Open redirection bypass in /www/admin/campaign-modify.php $0.0 11 bypass old password with array in /admin/account-user-email.php $0.0 12 Reflected XSS on /www/delivery/afr.php (bypass of report #775693) $0.0 13 Cross Site Scripting and Open Redirect in affiliate-preview.php file $0.0 14 Open redirect in ck.php and lg.php $0.0 15 Reflected XSS on /admin/userlog-index.php $0.0 16 Reflected XSS on /admin/stats.php $0.0 17 Reflected XSS on /admin/campaign-zone-zones.php $0.0 18 Reflected XSS on /admin/stats.php $0.0 19 Reflected XSS on /admin/stats.php $0.0 20 Use of a Broken or Risky Cryptographic Algorithm $0.0 21 Multiple cross-site scripting (XSS) vulnerabilities in Revive Adserver $0.0 22 Login page password-guessing attack $0.0