what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 4 of 4

Files from CAaNES

ProjectDox 8.1 XSS / User Enumeration / Ciphertext Reuse

Posted Sep 4, 2014

Authored by CAaNES

ProjectDox version 8.1 suffers from cross site scripting, insecure direct object reference, ciphertext reuse, and user enumeration vulnerabilities.

tags | advisory, vulnerability, xss

advisories | CVE-2014-5129, CVE-2014-5130, CVE-2014-5131, CVE-2014-5132

SHA-256 | 4ade242907fc62a13e4b8aaba0a4f7f7fca6f6b8b57d47b777e66318edf373cb

Download | Favorite | View

Sierra Library Services Platform 1.2_3 XSS / Enumeration

Posted Aug 29, 2014

Authored by CAaNES

Sierra Library Services Platform version 1.2_3 suffers from cross site scripting, user enumeration, and HTTP parameter pollution vulnerabilities.

tags | advisory, web, vulnerability, xss

advisories | CVE-2014-5136, CVE-2014-5137, CVE-2014-5138

SHA-256 | a6b55b2f25753f6aa79f465b7dad177fd8822701d788d595cf90f0a72f217779

Download | Favorite | View

Encore Discovery Solution 4.3 Open Redirect / Session Token In URL

Posted Aug 27, 2014

Authored by CAaNES

Encore Discovery Solution version 4.3 suffers from an open redirect vulnerability. It also passes the session token in the URL.

tags | advisory, info disclosure

advisories | CVE-2014-5127, CVE-2014-5128

SHA-256 | e0920eb1e2d0150ca74c5e507a7c2eac753594fae2d4c3fb55d5150e27fe6b15

Download | Favorite | View

ArcGIS For Server 10.1.1 XSS / Open Redirect

Posted Aug 21, 2014

Authored by CAaNES

ArcGIS for Server version 10.1.1 suffers from cross site scripting and open redirect vulnerabilities.

tags | advisory, vulnerability, xss

advisories | CVE-2014-5121, CVE-2014-5122

SHA-256 | df3cafafee2a56ce02291cb9609f9243863e0b48f7556cc7572db5590e99a6d5

Download | Favorite | View