CVE-2009-3693

2022-10-0316:23:57

mitre

www.cve.org

directory traversal

persits.xupload

activex control

hp loadrunner 9.5

makehttprequest method

6.7 Medium

AI Score

Confidence

Low

0.901 High

EPSS

Percentile

98.8%

JSON

Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via .. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method.