Abdulazeez Alaseeri - Security Researcher - Exploit Intelligence Platform

EIP-2026-113793 EXPLOITDB text WORKING POC

Wordpress Plugin Good LMS 2.1.4 - 'id' Unauthenticated SQL Injection

View Code

CVE-2021-34369 EXPLOITDB MEDIUM text WORKING POC

Accela Civic Platform <20.1 - Info Disclosure

portlets/contact/ref/refContactDetail.do in Accela Civic Platform through 20.1 allows remote attackers to obtain sensitive information via a modified contactSeqNumber value. NOTE: the vendor states "the information that is being queried is authorized for an authenticated user of that application, so we consider this not applicable.

CVSS 6.5

View Code

CVE-2021-33904 EXPLOITDB MEDIUM text WORKING POC

Accela Civic Platform < 21.1 - XSS

In Accela Civic Platform through 21.1, the security/hostSignon.do parameter servProvCode is vulnerable to XSS. NOTE: The vendor states "there are configurable security flags and we are unable to reproduce them with the available information.

CVSS 6.1

View Code

CVE-2021-34370 EXPLOITDB MEDIUM text WORKING POC

Accela Civic Platform < 20.1 - XSS

Accela Civic Platform through 20.1 allows ssoAdapter/logoutAction.do successURL XSS. NOTE: the vendor states "there are configurable security flags and we are unable to reproduce them with the available information.

CVSS 6.1

View Code