ABB Cylon Aspect 3.08.00 setTimeServer.php Remote Code Execution –
– ABB Cylon Aspect versions 3.08.00 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the timeserver HTTP POST parameter called by the setTimeServer.php script. – Read More – Packet Storm