ABB Cylon Aspect 3.08.01 databaseFileDelete.php Command Injection

Discussion in 'News Aggregator' started by Packet Storm, 19 Oct 2024.

  1. Packet Storm

    Packet Storm Guest

    ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the file HTTP POST parameter called by the databaseFileDelete.php script.

    Continue reading...
     
    #1 Packet Storm, 19 Oct 2024
(You must log in or sign up to post here.)

Share This Page

Loading...