CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-6638

HIGH
8.8
CVSS Severity Score
EPSS Score0.1660%
EPSS Percentile15.46th
Published2009年4月7日
Last Modified2026年4月23日

Vulnerability Description

Insecure method vulnerability in the Versalsoft HTTP Image Uploader ActiveX control (UUploaderSvrD.dll 6.0.0.35) allows remote attackers to delete arbitrary files via the RemoveFileOrDir method.

Affected Platforms (CPE)

📦
Versalsoft

Http File Upload Activex Control

= 6.0.0.35

References & Advisories

🔗 http://www.securityfocus.com/bid/28301
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/41258
🔗 https://www.exploit-db.com/exploits/5272
🔗 https://www.exploit-db.com/exploits/5569
🔗 http://www.securityfocus.com/bid/28301
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/41258
🔗 https://www.exploit-db.com/exploits/5272
🔗 https://www.exploit-db.com/exploits/5569

相关漏洞威胁

CVE-2007-25639.3

Buffer overflow in the AddFile function in VersalSoft HTTP File Upload ActiveX control (UFileUploaderD.dll) allows remote attacker...

CVE-2008-44936.8

Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows ...

CVE-2010-25845.0

The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls does n...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...