ABB Cylon Aspect 3.07.02 user.properties Default Credentials

ABB Cylon Aspect 3.08.00 dialupSwitch.php Remote Code Execution

ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control

Debian Security Advisory 5788-1

Ubuntu Security Notice USN-7020-4

Paymoney version 3.3 suffers from a cross site scripting vulnerability.

    ## Title: paymoney-3.3 XSS-Reflected## Author: nu11secur1ty## Date: 07.02.2022## Vendor: https://paymoney.techvill.org/## Software: paymoney-3.3## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/paymoney/2022/paymoney-3.3Description:The parameters first_name and last_name in Users are vulnerable fromXSS-Reflected on Paymoney-3.3. The already authenticated users can behijacking the XSRF-Token and they can use it for malicious purposes oninternal and external domains.STATUS: Medium## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/paymoney/2022/paymoney-3.3)## Proof and Exploit:[href](https://streamable.com/fhzvyr)

Headline

Paymoney 3.3 Cross Site Scripting

Packet Storm: Latest News