WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allows remote attackers to obtain sensitive information via unspecified requests that trigger responses containing the saved-image folder pathname.
Max CVSS
5.0
EPSS Score
0.38%
Published
2009-09-29
Updated
2018-10-10
Directory traversal vulnerability in WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allows remote attackers to read arbitrary files via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.35%
Published
2009-09-29
Updated
2018-10-10
Multiple cross-site scripting (XSS) vulnerabilities in WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allow remote attackers to inject arbitrary web script or HTML via parameters with names beginning with __ (underscore underscore) sequences, which are incompatible with an XSS protection mechanism provided by Microsoft ASP.NET.
Max CVSS
4.3
EPSS Score
0.25%
Published
2009-09-29
Updated
2018-10-10
Unrestricted file upload vulnerability in RADactive I-Load before 2008.2.5.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, and then sending a request for a predictable filename during a short time window.
Max CVSS
6.8
EPSS Score
4.53%
Published
2009-09-29
Updated
2018-10-10
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!