CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Avolve Software ProjectDox 8.1 allows remote authenticated users to obtain sensitive information from other users via vectors involving a direct access token...

4CVSS6.2AI score0.00926EPSS

Exploits0References4Affected Software1

NVD•added 2018/03/27 9:29 p.m.•6 views

CVE-2014-5130

Avolve Software ProjectDox 8.1 allows remote authenticated users to obtain sensitive information from other users via vectors involving a direct access token...

6.5CVSS6AI score0.00926EPSS

Exploits0References4

NVD•added 2018/03/27 9:29 p.m.•13 views

CVE-2014-5132

Avolve Software ProjectDox 8.1 allows remote attackers to enumerate users via vectors related to email addresses...

4.3CVSS4.6AI score0.00202EPSS

Exploits0References3

NVD•added 2018/03/27 9:29 p.m.•13 views

CVE-2014-5131

Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive information by leveraging ciphertext reuse...

6.5CVSS6.1AI score0.00926EPSS

Exploits0References4

CVE•added 2018/03/27 9:0 p.m.•34 views

CVE-2014-5131

CVE-2014-5131 affects Avolve Software ProjectDox 8.1. The issue enables remote authenticated users to obtain sensitive information by exploiting ciphertext reuse: the application encrypts data identifiers without a randomized IV or with identical IVs in multiple locations, allowing an attacker to...

6.5CVSS6AI score0.00926EPSS

Exploits0References4Affected Software1

Cvelist•added 2018/03/27 9:0 p.m.•10 views

CVE-2014-5131

Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive information by leveraging ciphertext reuse...

6.1AI score0.00926EPSS

Exploits0References4

Cvelist•added 2018/03/27 9:0 p.m.•11 views

CVE-2014-5130

Avolve Software ProjectDox 8.1 allows remote authenticated users to obtain sensitive information from other users via vectors involving a direct access token...

6AI score0.00926EPSS

Exploits0References4

CVE•added 2018/03/27 9:0 p.m.•41 views

CVE-2014-5132

CVE-2014-5132 affects Avolve Software ProjectDox 8.1. The vulnerability is a User Enumeration issue where a remote attacker can determine valid users via vectors related to email addresses. Documented details confirm that the application exposes user-existence information, enabling enumeration wi...

4.3CVSS4.6AI score0.00202EPSS

Exploits0References3Affected Software1

CVE•added 2018/03/27 9:0 p.m.•31 views

CVE-2014-5130

The CVE-2014-5130 entry applies to Avolve Software ProjectDox 8.1 . The vulnerability is described as an information disclosure where remote authenticated users can obtain sensitive data from other users via vectors involving a direct access token. The connected documentation confirms multiple re...

6.5CVSS5.9AI score0.00926EPSS

Exploits0References4Affected Software1

Cvelist•added 2018/03/27 9:0 p.m.•18 views

CVE-2014-5132

Avolve Software ProjectDox 8.1 allows remote attackers to enumerate users via vectors related to email addresses...

4.6AI score0.00202EPSS

Exploits0References3

securityvulns•added 2014/10/15 12:0 a.m.•53 views

Avolve Software ProjectDox Multiple Vulnerability Disclosure

--------------------------------------------------------------------- Product: ProjectDox Vendor: Avolve Software Vulnerable Version: 8.1 Tested Version: 8.1 Vendor Notification: May 30, 2014 Public Disclosure: September 3, 2014 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference:...

4.3CVSS0.2AI score0.00926EPSS

Exploits0

NVD•added 2014/09/11 3:55 p.m.•9 views

CVE-2014-5129

Cross-site scripting XSS vulnerability in Avolve Software ProjectDox 8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.00498EPSS

Exploits0References3

Prion•added 2014/09/11 3:55 p.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in Avolve Software ProjectDox 8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.00498EPSS

Exploits0References3Affected Software1

CVE•added 2014/09/11 3:0 p.m.•30 views

CVE-2014-5129

CVE-2014-5129: Avolve Software ProjectDox 8.1 suffers cross-site scripting (XSS). Descriptions indicate unsanitized input in ProjectDox may allow injection of arbitrary script/HTML via unspecified vectors. Connected docs confirm the product/version and vulnerability type but do not provide concre...

4.3CVSS5.8AI score0.00498EPSS

Exploits0References3Affected Software1

Cvelist•added 2014/09/11 3:0 p.m.•13 views

CVE-2014-5129

Cross-site scripting XSS vulnerability in Avolve Software ProjectDox 8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.00498EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by