3 matches found
CVE-2016-5661
Accela Civic Platform Citizen Access portal relies on the client to restrict file types for uploads, which allows remote authenticated users to execute arbitrary code via modified EventArgument and filename parameters...
CVE-2016-5661
Accela Civic Platform Citizen Access portal is affected by CVE-2016-5661: Arbitrary file upload vulnerability where the portal relies on client-side file-type checks and an attacker can bypass these restrictions by manipulating the _EventArgument and filename parameters to upload arbitrary files....
Accela Civic Platform Citizen Access portal contains multiple vulnerabilities
Overview Accela Civic Platform Citizen Access portal contains cross-site scripting and arbitrary file upload vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2016-5660Accela Civic Platform Citizen Access portal contains ...