top of page
Search
Nolan B. Kennedy
Jan 20, 20201 min read
CVE-2020-8496: Stored XSS in Kronos Web Time and Attendance (webTA) 4.1.x
Overview This advisory addresses a Stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affecting versions 4.1.x - 5.0 via...
Nolan B. Kennedy
Jan 20, 20201 min read
CVE-2020-8493: Stored XSS in Kronos Web Time and Attendance (webTA) 3.8.x
Overview This advisory addresses a Stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affecting versions 3.8.x - 4.0 via...
Nolan B. Kennedy
Jan 20, 20201 min read
CVE-2020-8494: Authenticated Remote Privilege Escalation in Kronos Web Time and Attendance (webTA)
Overview Authenticated remote privilege escalation vulnerability in Kronos WebTA v3.8.x affecting the “com.threeis.webta.H402editUser”...
Nolan B. Kennedy
Jan 20, 20201 min read
CVE-2020-8495: Authenticated Remote Privilege Escalation in Kronos Web Time and Attendance (webTA)
Overview Authenticated remote privilege escalation vulnerability in Kronos WebTA v3.8.x affecting the “com.threeis.webta.H491delegate”...
Nolan B. Kennedy
Dec 3, 20191 min read
CVE-2019-19616: Insecure Direct Object Reference (IDOR) in Xtivia Web Time and Expense (WebTE)
Overview This advisory addresses a Insecure Direct Object Reference (IDOR) vulnerability in the Xtivia Web Time and Expense (WebTE)...
Nolan B. Kennedy
Apr 2, 20191 min read
CVE-2019-10715: Stored XSS in Verodin Director version 3.5.3.0 and earlier
Overview This advisory addresses a Stored XSS vulnerability in Verodin Director affecting version 3.5.3.0 and earlier via input fields of...
Nolan B. Kennedy
Apr 2, 20191 min read
CVE-2019-10716: Information Disclosure Issue in Verodin Director version 3.5.3.1 and earlier
Overview This advisory addresses a Information Disclosure vulnerability in Verodin Director affecting version 3.5.3.1 and earlier where...
Nolan B. Kennedy
Mar 13, 20195 min read
My first CVE! Exploiting the XXE Vulnerability in BlackBerry AtHoc 7.6 Management System
Mirror Blog Post: XXE Vulnerability in BlackBerry AtHoc (Networked Crisis Communication) Platform Recently I had the opportunity to test...
Nolan B. Kennedy
Jun 26, 20186 min read
Guide to Creating a Cybersecurity Challenge for Kids
By: Stephanie Carruthers and Nolan B. Kennedy Mirror Blog Post: Guide to Creating a Cybersecurity Challenge for Kids “Right now, we’ve...
bottom of page