Projectdox Security Vulnerabilities and Issues — Projectdox CVE List

AvolvesoftwareProjectdox

4 matches found

CVE•added 2018/03/27 9:0 p.m.•41 views

CVE-2014-5132

CVE-2014-5132 affects Avolve Software ProjectDox 8.1. The vulnerability is a User Enumeration issue where a remote attacker can determine valid users via vectors related to email addresses. Documented details confirm that the application exposes user-existence information, enabling enumeration wi...

4.3CVSS4.6AI score0.00202EPSS

CVE•added 2018/03/27 9:0 p.m.•35 views

CVE-2014-5131

CVE-2014-5131 affects Avolve Software ProjectDox 8.1. The issue enables remote authenticated users to obtain sensitive information by exploiting ciphertext reuse: the application encrypts data identifiers without a randomized IV or with identical IVs in multiple locations, allowing an attacker to...

6.5CVSS6AI score0.00926EPSS

CVE•added 2014/09/11 3:0 p.m.•31 views

CVE-2014-5129

CVE-2014-5129: Avolve Software ProjectDox 8.1 suffers cross-site scripting (XSS). Descriptions indicate unsanitized input in ProjectDox may allow injection of arbitrary script/HTML via unspecified vectors. Connected docs confirm the product/version and vulnerability type but do not provide concre...

4.3CVSS5.8AI score0.00498EPSS

CVE•added 2018/03/27 9:0 p.m.•31 views

CVE-2014-5130

The CVE-2014-5130 entry applies to Avolve Software ProjectDox 8.1 . The vulnerability is described as an information disclosure where remote authenticated users can obtain sensitive data from other users via vectors involving a direct access token. The connected documentation confirms multiple re...

6.5CVSS5.9AI score0.00926EPSS