6 matches found
CVE-2019-17322
ClipSoft REXPERT 1.0.0.527 and earlier is vulnerable to arbitrary file creation via a POST request where the file path is supplied as a parameter. An attacker could cause writing of an executable file to an arbitrary directory. Exploitation requires user interaction: the target must visit a malic...
CVE-2019-17323
CVE-2019-17323 affects ClipSoft REXPERT (versions 1.0.0.527 and earlier). The vulnerability is an XML injection in the Rexpert viewer's report printing function, enabling arbitrary file creation and execution. Exploitation requires user interaction: the target must visit a malicious web page. Imp...
CVE-2019-17324
CVE-2019-17324 affects ClipSoft REXPERT ≤ 1.0.0.527. A directory traversal flaw is exploitable by sending a crafted HTTP POST containing ".." characters, enabling an attacker to access outside restricted directories and potentially create a malicious HTML file via template injection. Exploitation...
CVE-2019-17321
CVE-2019-17321 affects ClipSoft REXPERT 1.0.0.527 and earlier. The vulnerability is an information disclosure where, when requesting a web page associated with a session, the HTTP response data can leak the username via the session file path. No authentication is required to trigger the issue. Th...
CVE-2019-17325
CVE-2019-17325 affects ClipSoft REXPERT (versions 1.0.0.527 and earlier). The root cause is a file upload vulnerability via the ActiveX RexViewerCtrl30.ocx, allowing a remote attacker to upload arbitrary local files and potentially disclose sensitive information. Exploitation requires the target ...
CVE-2019-17326
ClipSoft REXPERT 1.0.0.527 and earlier allows remote arbitrary file deletion via an HTTP GET with a specially crafted parameter. Exploitation requires user interaction (target must visit a malicious page). Affected product: ClipSoft REXPERT; no explicit root-cause or patch details are provided in...