ABB Cylon FLXeon 9.3.4 login.js Node Timing Attack Exploit

ABB Cylon FLXeon version 9.3.4 has a timing attack vulnerability in the authentication process due to an improper comparison of password hashes in login.js and uukl.js. !/usr/bin/env python3 ABB Cylon FLXeon 9.3.4 login.js Node Timing Attack Vendor: ABB Ltd. Product web page: https://www.global.a...

ABB Cylon FLXeon 9.3.4 login.js Unauthenticated Root Remote Code Execution Exploit

ABB Cylon FLXeon version 9.3.4 suffers from an unauthenticated remote code execution vulnerability with root privileges. Input passed through the login.js script for the password JSON parameter allows out-of-band command injection. !/usr/bin/env python3 ABB Cylon FLXeon 9.3.4 login.js...

CVE-2022-30622

Disclosure of information - the system allows you to view usernames and passwords without permissions, thus it will be possible to enter the system. Path access: http://api/sysusernamepasswd.cmd - The server loads the request clearly by default. Disclosure of hard-coded credit information within...

WeGame Code Execution/Credential stealing Exploit

Exploit for php platform in category web applications ---------------------------------------------------------------------- 888 .d8888b. 888 d88P Y88b 888 .d88P .d8888b .d88b. 88888b.d88b. 88888b. 888 8888" 888 888 d88P" d88""88b 888 "888 "88b 888 "88b 888 "Y8b. Y8bd8P' 888 888 888 888 888 888 8...