Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote malicious users to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
persits xupload 2.0 |
||
hp loadrunner 9.5 |