Lucene search
K

10 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Persits XUpload ActiveX AddFile Buffer Overflow

No description provided by source. $Id: hploadrunneraddfile.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/12/31 12:0 a.m.38 views

Persits XUpload ActiveX AddFile Buffer Overflow

$Id: hploadrunneraddfile.rb 7724 2009-12-06 05:50:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

6.8CVSS0.6AI score0.29518EPSS
Exploits4
Packet Storm
Packet Storm
added 2009/12/31 12:0 a.m.48 views

Persits XUpload ActiveX MakeHttpRequest Directory Traversal

$Id: persitsxuploadtraversal.rb 7760 2009-12-08 21:24:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS0.5AI score0.4158EPSS
Exploits9
Metasploit
Metasploit
added 2009/12/08 3:8 a.m.21 views

Persits XUpload ActiveX MakeHttpRequest Directory Traversal

This module exploits a directory traversal in Persits Software Inc's XUpload ActiveX controlversion 3.0.0.3 that's included in HP LoadRunner 9.5. By passing a string containing ".." sequences to the MakeHttpRequest method, an attacker is able to write arbitrary files to arbitrary locations on...

9.3CVSS7.3AI score0.4158EPSS
Exploits9
Metasploit
Metasploit
added 2009/11/13 6:9 p.m.21 views

Persits XUpload ActiveX AddFile Buffer Overflow

This module exploits a stack buffer overflow in Persits Software Inc's XUpload ActiveX controlversion 3.0.0.3 thats included in HP LoadRunner 9.5. By passing an overly long string to the AddFile method, an attacker may be able to execute arbitrary code. This module requires Metasploit:...

6.8CVSS10AI score0.29518EPSS
Exploits4
Prion
Prion
added 2009/10/13 10:30 a.m.25 views

Directory traversal

Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control XUpload.ocx in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via .. backwards slash dot dot sequences in the third argument to the MakeHttpRequest method...

9.3CVSS7.2AI score0.4158EPSS
Exploits9References2Affected Software2
NVD
NVD
added 2009/10/13 10:30 a.m.33 views

CVE-2009-3693

Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control XUpload.ocx in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via .. backwards slash dot dot sequences in the third argument to the MakeHttpRequest method...

9.3CVSS6.7AI score0.4158EPSS
Exploits9References2
CVE
CVE
added 2009/10/13 10:0 a.m.61 views

CVE-2009-3693

CVE-2009-3693 involves a directory traversal in Persits.XUpload.2 ActiveX control (XUpload.ocx) shipped with HP LoadRunner 9.5. The flaw arises in the MakeHttpRequest method, where sequences like "..\" can cause arbitrary files to be created on the target. Public details describe this as a write-...

9.3CVSS6.6AI score0.4158EPSS
Exploits9References2Affected Software2
Cvelist
Cvelist
added 2009/10/13 10:0 a.m.29 views

CVE-2009-3693

Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control XUpload.ocx in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via .. backwards slash dot dot sequences in the third argument to the MakeHttpRequest method...

6.7AI score0.4158EPSS
Exploits9References2
0day.today
0day.today
added 2009/09/29 12:0 a.m.19 views

HP LoadRunner 9.5 remote file creation PoC

Exploit for unknown platform in category dos / poc ========================================== HP LoadRunner 9.5 remote file creation PoC ========================================== Title: HP LoadRunner 9.5 remote file creation PoC CVE-ID: OSVDB-ID: Author: Pyrokinesis Published: 2009-09-29 Verifie...

7AI score
Exploits0
Rows per page
Query Builder