Lucene search
K

27 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-1876

Malware in sbrugna...

6.5CVSS6.4AI score0.06102EPSS
Exploits0References8
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow

No description provided by source. $Id: hpmqcprogcolor.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
d2
d2
added 2010/05/07 6:24 p.m.85 views

DSquare Exploit Pack: D2SEC_HPLR

Name| d2sechplr ---|--- CVE| CVE-2010-1549 Exploit Pack| D2ExploitPack Description| HP Mercury LoadRunner Agent Remote Code Execution Vulnerability Notes|...

10CVSS2.1AI score0.78962EPSS
Exploits5
Zero Day Initiative
Zero Day Initiative
added 2010/05/06 12:0 a.m.42 views

HP Mercury LoadRunner Agent Trusted Input Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Mercury LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the process magentproc.exe that binds to TCP port 54345. A specially crafted...

10CVSS6.1AI score0.78962EPSS
Exploits5References1
Check Point Advisories
Check Point Advisories
added 2009/11/29 12:0 a.m.17 views

HP Mercury Multiple Products Agent Command Processing Buffer Overflow (CVE-2007-0446)

HP Mercury LoadRunner is a performance and load testing product. LoadRunner consists of three components, a Virtual User Generator, a Controller, and an Analysis module. The Virtual User Generator constructs large number of virtual user clients and generate running script. The Controller runs the...

10CVSS7.3AI score0.44457EPSS
Exploits5
Packet Storm
Packet Storm
added 2009/11/26 12:0 a.m.40 views

HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HP Mercury Qualit...

9.3CVSS0.6AI score0.39735EPSS
Exploits4
NVD
NVD
added 2009/02/24 5:30 p.m.20 views

CVE-2007-5289

HP Mercury Quality Center QC 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture OTA API, as...

7.6CVSS7.7AI score0.08683EPSS
Exploits1References8
Prion
Prion
added 2009/02/24 5:30 p.m.14 views

Design/Logic Flaw

HP Mercury Quality Center QC 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture OTA API, as...

7.6CVSS8.3AI score0.08683EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2009/02/24 5:0 p.m.28 views

CVE-2007-5289

HP Mercury Quality Center QC 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture OTA API, as...

7.7AI score0.08683EPSS
Exploits1References8
CVE
CVE
added 2009/02/24 5:0 p.m.42 views

CVE-2007-5289

HP Quality Center (QC) 9.2 and earlier, and possibly TestDirector, caches client-side scripts for workflow logic. An attacker can modify (1) common.tds, (2) defects.tds, (3) manrun.tds, (4) req.tds, (5) testlab.tds, or (6) testplan.tds in %tmp%\TD_80, then set the file properties to read-only to ...

7.6CVSS7.9AI score0.08683EPSS
Exploits1References8Affected Software2
securityvulns
securityvulns
added 2008/02/13 12:0 a.m.22 views

HP Mercury SiteScope multiple security vulnerabilities

No description provided...

0.7AI score
Exploits0References1
NVD
NVD
added 2007/12/27 10:46 p.m.21 views

CVE-2007-6530

Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function...

9.3CVSS7.8AI score0.36833EPSS
Exploits6References8
securityvulns
securityvulns
added 2007/04/13 12:0 a.m.59 views

HP Mercury Quality Center multiple security vulnerabilities

SQL injection, ActiveX buffer overflow...

9.3CVSS2.3AI score0.39735EPSS
Exploits4References3Affected Software1
Metasploit
Metasploit
added 2007/04/06 8:37 p.m.25 views

HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow

This module exploits a stack-based buffer overflow in SPIDERLib.Loader ActiveX control Spider90.ocx 9.1.0.4353 installed by TestDirector TD for Hewlett-Packard Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32. By setting an overly long value to 'ProgColor', an attacker ca...

9.3CVSS7.9AI score0.39735EPSS
Exploits4
NVD
NVD
added 2007/04/06 1:19 a.m.19 views

CVE-2007-1882

qcbin/servlet/tdservlet/TDAPIGeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method...

6.5CVSS7.6AI score0.06102EPSS
Exploits0References7
Prion
Prion
added 2007/04/06 1:19 a.m.20 views

Sql injection

qcbin/servlet/tdservlet/TDAPIGeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method...

6.5CVSS8.2AI score0.06102EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2007/04/06 1:0 a.m.25 views

CVE-2007-1882

qcbin/servlet/tdservlet/TDAPIGeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method...

7.6AI score0.06102EPSS
Exploits0References7
CVE
CVE
added 2007/04/06 1:0 a.m.56 views

CVE-2007-1882

The CVE-2007-1882 entry affects HP Mercury Quality Center 9.0, build 9.1.0.4352. The vulnerability lies in qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment, where remote authenticated users can execute arbitrary SQL commands via the RunQuery method. Documents confirm the affected component and t...

6.5CVSS7.6AI score0.06102EPSS
Exploits0References7Affected Software1
seebug.org
seebug.org
added 2007/04/04 12:0 a.m.56 views

HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit

No description provided by source. !/usr/bin/perl HP Mercury Quality Center runQuery exploit. Run whatever SQL you want on there db - without SQL injection. Problem is client can do "RunQuery" command os we write program to do this. Client can lots other things it should not also! The backend...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/04/04 12:0 a.m.19 views

HP Mercury Quality Center Spider90.ocx ProgColor Overflow Exploit

Exploit for unknown platform in category remote exploits ================================================================= HP Mercury Quality Center Spider90.ocx ProgColor Overflow Exploit ================================================================= !/usr/bin/perl POC exploit for Mercury...

7.1AI score
Exploits0
Rows per page
Query Builder