Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PayMoney 3.3 is vulnerable to Stored Cross-Site Scripting (XSS) during replying the ticket. The XSS can be obtain from injecting under "Message" field with "description" parameter with the specially crafted payload to gain Stored XSS. The XSS then will prompt after that or can be access from the view ticket function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Techvillage PayMoney 跨站脚本漏洞
Vulnerability Description
Techvillage Paymoney是孟加拉国Techvillage公司的一个安全的在线支付网关。 Techvillage PayMoney 3.3版本存在安全漏洞,该漏洞源于XSS 可以通过在 Message字段下注入带有 description参数的特制有效载荷来获得。
CVSS Information
N/A
Vulnerability Type
N/A