4 matches found
CVE-2009-3452
The CVE-2009-3452 entry concerns WebCoreModule.ashx in RADactive I-Load prior to version 2008.2.5.0. The vulnerability allows remote attackers to obtain sensitive information via requests that trigger responses containing the path to the saved-image folder. The available connected documents corro...
CVE-2009-3450
The CVE-2009-3450 entry describes multiple XSS vulnerabilities in WebCoreModule.ashx of RADactive I-Load before 2008.2.5.0. The issue stems from input parameters whose names begin with __ (double underscore), which bypasses the built‑in ASP.NET XSS protection and allows remote attackers to inject...
CVE-2009-3451
The CVE-2009-3451 entry describes a directory traversal vulnerability in RADactive I-Load’s WebCoreModule.ashx, affecting versions prior to 2008.2.5.0. The flaw enables remote attackers to read arbitrary files via unspecified vectors due to improper input handling in the WebCoreModule.ashx compon...
CVE-2009-3447
CVE-2009-3447 describes an unrestricted file upload vulnerability in RADactive I-Load prior to 2008.2.5.0 that enables remote code execution by uploading a file with an executable extension and then requesting a predictable filename within a short window. Affected: RADactive I-Load (before 2008.2...