Back to CVE Browser

CVE-2008-6638

HIGH

8.8

CVSS Severity Score

EPSS Score0.1660%

EPSS Percentile15.46th

PublishedApr 7, 2009

Last ModifiedApr 23, 2026

Vulnerability Description

Insecure method vulnerability in the Versalsoft HTTP Image Uploader ActiveX control (UUploaderSvrD.dll 6.0.0.35) allows remote attackers to delete arbitrary files via the RemoveFileOrDir method.

Affected Platforms (CPE)

📦

Versalsoft

Http File Upload Activex Control

= 6.0.0.35

References & Advisories

🔗 http://www.securityfocus.com/bid/28301

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/41258

🔗 https://www.exploit-db.com/exploits/5272

🔗 https://www.exploit-db.com/exploits/5569

🔗 http://www.securityfocus.com/bid/28301

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/41258

🔗 https://www.exploit-db.com/exploits/5272

🔗 https://www.exploit-db.com/exploits/5569

Related Vulnerabilities

CVE-2007-25639.3

Buffer overflow in the AddFile function in VersalSoft HTTP File Upload ActiveX control (UFileUploaderD.dll) allows remote attacker...

CVE-2008-44936.8

Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows ...

CVE-2010-25845.0

The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls does n...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...