Feed | nolanbkennedy.com

CVE-2020-8496: Stored XSS in Kronos Web Time and Attendance (webTA) 4.1.x

Overview This advisory addresses a Stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affecting versions 4.1.x - 5.0 via...

CVE-2020-8493: Stored XSS in Kronos Web Time and Attendance (webTA) 3.8.x

Overview This advisory addresses a Stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affecting versions 3.8.x - 4.0 via...

CVE-2020-8494: Authenticated Remote Privilege Escalation in Kronos Web Time and Attendance (webTA)

Overview Authenticated remote privilege escalation vulnerability in Kronos WebTA v3.8.x affecting the “com.threeis.webta.H402editUser”...

CVE-2020-8495: Authenticated Remote Privilege Escalation in Kronos Web Time and Attendance (webTA)

Overview Authenticated remote privilege escalation vulnerability in Kronos WebTA v3.8.x affecting the “com.threeis.webta.H491delegate”...

CVE-2019-19616: Insecure Direct Object Reference (IDOR) in Xtivia Web Time and Expense (WebTE)

Overview This advisory addresses a Insecure Direct Object Reference (IDOR) vulnerability in the Xtivia Web Time and Expense (WebTE)...

CVE-2019-10715: Stored XSS in Verodin Director version 3.5.3.0 and earlier

Overview This advisory addresses a Stored XSS vulnerability in Verodin Director affecting version 3.5.3.0 and earlier via input fields of...

CVE-2019-10716: Information Disclosure Issue in Verodin Director version 3.5.3.1 and earlier

Overview This advisory addresses a Information Disclosure vulnerability in Verodin Director affecting version 3.5.3.1 and earlier where...

My first CVE! Exploiting the XXE Vulnerability in BlackBerry AtHoc 7.6 Management System

Mirror Blog Post: XXE Vulnerability in BlackBerry AtHoc (Networked Crisis Communication) Platform Recently I had the opportunity to test...

Guide to Creating a Cybersecurity Challenge for Kids

By: Stephanie Carruthers and Nolan B. Kennedy Mirror Blog Post: Guide to Creating a Cybersecurity Challenge for Kids “Right now, we’ve...