CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-2584

The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls does not properly restrict certain property values, which allows remote attackers to read arbitrary files via a filename in the SourceFile property in conjunction with an http URL in the DestURL property.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.7%

CVSS Severity

CVSS v2 Score 5.0

References

http://secunia.com/advisories/41392
http://secunia.com/secunia_research/2010-118/
http://www.osvdb.org/68813
http://www.securityfocus.com/bid/44302
http://secunia.com/advisories/41392
http://secunia.com/secunia_research/2010-118/
http://www.osvdb.org/68813
http://www.securityfocus.com/bid/44302

Products affected by CVE-2010-2584

Realpage » Module Activex Controls » Version: 1.0.0.9

cpe:2.3:a:realpage:module_activex_controls:1.0.0.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-2584

Products

Pricing

Contact Us