Accela Civic Platform <=21.1 - Cross-Site Scripting

Accela Civic Platform through 21.1 contains a cross-site scripting vulnerability via the security/hostSignon.do parameter servProvCode. id: CVE-2021-33904 info: name: Accela Civic Platform 21.1 that includes proper input validation to mitigate the XSS vulnerability. reference: -...

Accela Civic Platform <=21.1 - Cross-Site Scripting

Accela Civic Platform through 21.1 contains a cross-site scripting vulnerability via ssoAdapter/logoutAction.do successURL. id: CVE-2021-34370 info: name: Accela Civic Platform 21.1 that includes proper input validation and sanitization. reference: - https://www.exploit-db.com/exploits/49990 -...

EUVD-2013-4563

Malware in sbrugna...

EUVD-2016-6604

Malware in sbrugna...

EUVD-2016-6605

Malware in sbrugna...

EUVD-2025-30333

Malicious code in bioql PyPI...

CVE-2025-57644

Accela Automation Platform 22.2.3.0.230103 contains multiple vulnerabilities in the Test Script feature. An authenticated administrative user can execute arbitrary Java code on the server, resulting in remote code execution. In addition, improper input validation allows for arbitrary file write a...

CVE-2025-57644

Accela Automation Platform 22.2.3.0.230103 contains multiple vulnerabilities in the Test Script feature. An authenticated administrative user can execute arbitrary Java code on the server, resulting in remote code execution. In addition, improper input validation allows for arbitrary file write a...

PT-2025-38543

Name of the Vulnerable Software and Affected Versions Accela Automation Platform version 22.2.3.0.230103 Description Accela Automation Platform contains multiple issues within the Test Script feature. An authenticated administrative user can execute arbitrary Java code on the server, potentially...

Accela Automation Platform 安全漏洞

Accela Automation Platform is an automation platform from Accela Canada. A security vulnerability exists in Accela Automation Platform version 22.2.3.0.230103, which stems from multiple issues with the Test Script functionality, including the ability to execute arbitrary Java code, improper...

CVE-2025-57644

CVE-2025-57644 affects Accela Automation Platform 22.2.3.0.230103 (Test Script feature). An authenticated administrative user can execute arbitrary Java code on the server, enabling remote code execution. Additional flaws include improper input validation that allows arbitrary file write and serv...

MAL-2025-27463 Malicious code in ng2-accela-inputs (npm)

The package ng2-accela-inputs was found to contain malicious code...

Malicious code in accela-ds-angular (npm)

The package accela-ds-angular was found to contain malicious code...

MAL-2025-13974 Malicious code in accela-ds-angular (npm)

The package accela-ds-angular was found to contain malicious code...

Malicious code in ng2-accela-inputs (npm)

The package ng2-accela-inputs was found to contain malicious code...

CVE-2021-34369

portlets/contact/ref/refContactDetail.do in Accela Civic Platform through 20.1 allows remote attackers to obtain sensitive information via a modified contactSeqNumber value. NOTE: the vendor states "the information that is being queried is authorized for an authenticated user of that application,...

CVE-2021-34370

Accela Civic Platform through 20.1 allows ssoAdapter/logoutAction.do successURL XSS. NOTE: the vendor states "there are configurable security flags and we are unable to reproduce them with the available information...

CVE-2021-33904

In Accela Civic Platform through 21.1, the security/hostSignon.do parameter servProvCode is vulnerable to XSS. NOTE: The vendor states "there are configurable security flags and we are unable to reproduce them with the available information...

CVE-2013-4711

Cross-site scripting XSS vulnerability in Accela BizSearch 3.2 on Linux and Solaris allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Accela Civic Platform 21.1 Insecure Direct Object Reference

Exploit Title: Accela Civic Platform 21.1 - 'contactSeqNumber' Insecure Direct Object References IDOR Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE: CVE-2021-34369...