Back to search
CVE-2010-2584
Published: Oct 26, 2010
Modified: Sep 16, 2024
PUBLISHED
Description
The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls does not properly restrict certain property values, which allows remote attackers to read arbitrary files via a filename in the SourceFile property in conjunction with an http URL in the DestURL property.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
41392
third-party-advisory
x_refsource_SECUNIA
44302
vdb-entry
x_refsource_BID
http://secunia.com/secunia_research/2010-118/
x_refsource_MISC
68813
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now