3 matches found
Design/Logic Flaw
Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive information by leveraging ciphertext reuse...
CVE-2014-5130
The CVE-2014-5130 entry applies to Avolve Software ProjectDox 8.1 . The vulnerability is described as an information disclosure where remote authenticated users can obtain sensitive data from other users via vectors involving a direct access token. The connected documentation confirms multiple re...
Cross site scripting
Cross-site scripting XSS vulnerability in Avolve Software ProjectDox 8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...