48 matches found
EUVD-2016-6605
Malware in sbrugna...
EUVD-2016-6604
Malware in sbrugna...
CVE-2021-34369
portlets/contact/ref/refContactDetail.do in Accela Civic Platform through 20.1 allows remote attackers to obtain sensitive information via a modified contactSeqNumber value. NOTE: the vendor states "the information that is being queried is authorized for an authenticated user of that application,...
CVE-2021-34370
Accela Civic Platform through 20.1 allows ssoAdapter/logoutAction.do successURL XSS. NOTE: the vendor states "there are configurable security flags and we are unable to reproduce them with the available information...
CVE-2021-33904
In Accela Civic Platform through 21.1, the security/hostSignon.do parameter servProvCode is vulnerable to XSS. NOTE: The vendor states "there are configurable security flags and we are unable to reproduce them with the available information...
Accela Civic Platform 21.1 - (successURL) Cross-Site-Scripting Vulnerability
Exploit Title: Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting XSS Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE-2021-34370...
Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting (XSS)
Exploit Title: Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting XSS Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE-2021-34370...
Accela Civic Platform 21.1 - 'contactSeqNumber' Insecure Direct Object References (IDOR)
Exploit Title: Accela Civic Platform 21.1 - 'contactSeqNumber' Insecure Direct Object References IDOR Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE: CVE-2021-34369...
Accela Civic Platform 21.1 Insecure Direct Object Reference
Exploit Title: Accela Civic Platform 21.1 - 'contactSeqNumber' Insecure Direct Object References IDOR Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE: CVE-2021-34369...
Accela Civic Platform 21.1 Cross Site Scripting / Open Redirection
Exploit Title: Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting XSS Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE-2021-34370...
Accela Civic Platform 21.1 - (contactSeqNumber) Insecure Direct Object References Vulnerability
Exploit Title: Accela Civic Platform 21.1 - 'contactSeqNumber' Insecure Direct Object References IDOR Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE: CVE-2021-34369...
Accela Civic Platform 21.1 - 'servProvCode' Cross-Site-Scripting (XSS)
Exploit Title: Accela Civic Platform 21.1 - 'servProvCode' Cross-Site-Scripting XSS Exploit Author: Abdulazeez Alaseeri Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Tested on: JBoss server/windows Type: Web App Date: 06/07/2021 CVE: CVE-2021-33904...
Accela Civic Platform Information Disclosure Vulnerability
Accela Civic Platform is a cloud-based solution for Accela's application software to modernize city systems for land management and code enforcement, increased citizen engagement and mobile information access. information disclosure vulnerabilities exist in versions of Accela Civic Platform prior...
Accela Civic Platform 21.1 - (servProvCode) Cross-Site-Scripting Vulnerability
Exploit Title: Accela Civic Platform 21.1 - 'servProvCode' Cross-Site-Scripting XSS Exploit Author: Abdulazeez Alaseeri Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Tested on: JBoss server/windows Type: Web App Date: 06/07/2021 CVE: CVE-2021-33904...
Accela Civic Platorm 21.1 Cross Site Scripting
Exploit Title: Accela Civic Platform 21.1 - 'servProvCode' Cross-Site-Scripting XSS Exploit Author: Abdulazeez Alaseeri Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Tested on: JBoss server/windows Type: Web App Date: 06/07/2021 CVE: CVE-2021-33904...
Cerberus FTP Web Service 11 - (svg) Stored Cross-Site Scripting Vulnerability
Exploit Title: Accela Civic Platform 21.1 - 'servProvCode' Cross-Site-Scripting XSS Exploit Author: Abdulazeez Alaseeri Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Tested on: JBoss server/windows Type: Web App Date: 06/07/2021 CVE: CVE-2021-33904...
CVE-2021-34370
Accela Civic Platform through 20.1 allows ssoAdapter/logoutAction.do successURL XSS. NOTE: the vendor states "there are configurable security flags and we are unable to reproduce them with the available information...
CVE-2021-34369
portlets/contact/ref/refContactDetail.do in Accela Civic Platform through 20.1 allows remote attackers to obtain sensitive information via a modified contactSeqNumber value. NOTE: the vendor states "the information that is being queried is authorized for an authenticated user of that application,...
CVE-2021-34369
portlets/contact/ref/refContactDetail.do in Accela Civic Platform through 20.1 allows remote attackers to obtain sensitive information via a modified contactSeqNumber value. NOTE: the vendor states "the information that is being queried is authorized for an authenticated user of that application,...
CVE-2021-34370
Accela Civic Platform through 20.1 allows ssoAdapter/logoutAction.do successURL XSS. NOTE: the vendor states "there are configurable security flags and we are unable to reproduce them with the available information...