5 matches found
HP LoadRunner - lrFileIOService ActiveX WriteFileString Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
CVE-2013-4798
creationtimestamp| type| source ---|---|--- 2013-09-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/28083 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/hploadrunnerwritefilestring.rb 2025-02-06...
DSquare Exploit Pack: D2SEC_LRWEB
Name| d2seclrweb ---|--- CVE| CVE-2013-4798 Exploit Pack| D2ExploitPack Description| HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution Vulnerability Notes|...
CVE-2013-4798
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705...
CVE-2013-4798
HP LoadRunner prior to 11.52 is vulnerable via the lrFileIOService ActiveX WriteFileString method, which does not sanitize input and allows a remote attacker to write files (directory traversal) potentially enabling code execution. The issue affects Windows platforms and has been addressed by upg...