CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2018/03/27 9:29 p.m.•6 views

CVE-2014-5130

Avolve Software ProjectDox 8.1 allows remote authenticated users to obtain sensitive information from other users via vectors involving a direct access token...

6.5CVSS6AI score0.00926EPSS

NVD•added 2018/03/27 9:29 p.m.•12 views

CVE-2014-5131

Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive information by leveraging ciphertext reuse...

6.5CVSS6.1AI score0.00926EPSS

NVD•added 2018/03/27 9:29 p.m.•13 views

CVE-2014-5132

Avolve Software ProjectDox 8.1 allows remote attackers to enumerate users via vectors related to email addresses...

4.3CVSS4.6AI score0.00202EPSS

CVE•added 2018/03/27 9:0 p.m.•34 views

CVE-2014-5131

CVE-2014-5131 affects Avolve Software ProjectDox 8.1. The issue enables remote authenticated users to obtain sensitive information by exploiting ciphertext reuse: the application encrypts data identifiers without a randomized IV or with identical IVs in multiple locations, allowing an attacker to...

6.5CVSS6AI score0.00926EPSS

Exploits0References4Affected Software1

Cvelist•added 2018/03/27 9:0 p.m.•10 views

CVE-2014-5131

Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive information by leveraging ciphertext reuse...

6.1AI score0.00926EPSS

Cvelist•added 2018/03/27 9:0 p.m.•11 views

CVE-2014-5130

Avolve Software ProjectDox 8.1 allows remote authenticated users to obtain sensitive information from other users via vectors involving a direct access token...

6AI score0.00926EPSS

CVE•added 2018/03/27 9:0 p.m.•30 views

CVE-2014-5130

The CVE-2014-5130 entry applies to Avolve Software ProjectDox 8.1 . The vulnerability is described as an information disclosure where remote authenticated users can obtain sensitive data from other users via vectors involving a direct access token. The connected documentation confirms multiple re...

6.5CVSS5.9AI score0.00926EPSS

Exploits0References4Affected Software1

CVE•added 2018/03/27 9:0 p.m.•41 views

CVE-2014-5132

CVE-2014-5132 affects Avolve Software ProjectDox 8.1. The vulnerability is a User Enumeration issue where a remote attacker can determine valid users via vectors related to email addresses. Documented details confirm that the application exposes user-existence information, enabling enumeration wi...

4.3CVSS4.6AI score0.00202EPSS

Cvelist•added 2018/03/27 9:0 p.m.•18 views

CVE-2014-5132

Avolve Software ProjectDox 8.1 allows remote attackers to enumerate users via vectors related to email addresses...

4.6AI score0.00202EPSS

securityvulns•added 2014/10/15 12:0 a.m.•53 views

Avolve Software ProjectDox Multiple Vulnerability Disclosure

--------------------------------------------------------------------- Product: ProjectDox Vendor: Avolve Software Vulnerable Version: 8.1 Tested Version: 8.1 Vendor Notification: May 30, 2014 Public Disclosure: September 3, 2014 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference:...

4.3CVSS0.2AI score0.00926EPSS

Exploits0

NVD•added 2014/09/11 3:55 p.m.•9 views

CVE-2014-5129

Cross-site scripting XSS vulnerability in Avolve Software ProjectDox 8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.00498EPSS

Prion•added 2014/09/11 3:55 p.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in Avolve Software ProjectDox 8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.00498EPSS

CVE•added 2014/09/11 3:0 p.m.•30 views

CVE-2014-5129

CVE-2014-5129: Avolve Software ProjectDox 8.1 suffers cross-site scripting (XSS). Descriptions indicate unsanitized input in ProjectDox may allow injection of arbitrary script/HTML via unspecified vectors. Connected docs confirm the product/version and vulnerability type but do not provide concre...

4.3CVSS5.8AI score0.00498EPSS

Cvelist•added 2014/09/11 3:0 p.m.•13 views

CVE-2014-5129

Cross-site scripting XSS vulnerability in Avolve Software ProjectDox 8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.00498EPSS