CVE-2009-3693

Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control XUpload.ocx in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. backwards slash dot dot sequences in the third argument to the MakeHttpRequest method...

HPE LoadRunner and Performance Center Cross-Site Scripting Vulnerability

HPE LoadRunner and Performance Center are both performance load testing software from Hewlett Packard Enterprise HPE. A cross-site scripting vulnerability exists in HPE LoadRunner 12.53 and earlier and Performance Center 12.53 and earlier, which stems from the program failing to properly filter...

HP LoadRunner and Performance Center Remote Code Execution Vulnerability

HPE LoadRunner and Performance Center are both performance load testing software from Hewlett Packard Enterprise HPE. A remote code execution vulnerability exists in HPE LoadRunner and Performance Center. A remote attacker could exploit this vulnerability to execute code...

HPE LoadRunner MMS Protocol Buffer Overflow RCE Vulnerability

HPE LoadRunner is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

HPE LoadRunner Virtual Table Server (VTS) Component Cross-Site Scripting Vulnerability

HPE LoadRunner is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:hp:loadrunner";...

CVE-2017-8953

A Remote Cross-Site Scripting XSS vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found...

CVE-2017-8953

A Remote Cross-Site Scripting XSS vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found...

Cross site scripting

A Remote Cross-Site Scripting XSS vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found...

Remote code execution

A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found...

CVE-2016-8512

A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found...

CVE-2017-8953

CVE-2017-8953 describes a remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center v12.53 and earlier. The root cause is improper input filtering of user-submitted content, allowing attacker-controlled input to be reflected in a vulnerable co...

CVE-2016-8512

CVE-2016-8512 concerns a remote code execution in all versions of HP LoadRunner and Performance Center via the MMS protocol. The connected sources identify a buffer overflow/RCE in the MMS handling (MMS Protocol Buffer Overflow) that can be exploited remotely by an unauthenticated attacker to exe...

CVE-2017-8953

A Remote Cross-Site Scripting XSS vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found...

CVE-2016-8512

A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found...

HP Mercury LoadRunner Agent magentproc.exe - Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution", 'Description' = %q This module exploits a remote command execution...

HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution", 'Description' = %q This module exploits a remote command execution...

HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution Exploit

This Metasploit module exploits a remote command execution vulnerability in HP LoadRunner before 9.50 and also HP Performance Center before 9.50. HP LoadRunner 12.53 and other versions are also most likely vulnerable if the non-default SSL option is turned off. By sending a specially crafted...

HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution

This module exploits a remote command execution vulnerablity in HP LoadRunner before 9.50 and also HP Performance Center before 9.50. HP LoadRunner 12.53 and other versions are also most likely vulneable if the non-default SSL option is turned off. By sending a specially crafted packet, an attack...

CVE-2017-5789

CVE-2017-5789 affects HP LoadRunner (before 12.53 Patch 4) and HP Performance Center (before 12.53 Patch 4). The root cause is a heap‑based buffer overflow in the libxdrutil.dll mxdr_string function, due to insufficient validation of user data length. This leads to remote code execution without a...

CVE-2017-5789

HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdrstring heap-based buffer overflow...