QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2019-17325

Back to search

CVE-2019-17325

Published: Oct 30, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to upload arbitrary local file via the ActiveX method in RexViewerCtrl30.ocx. That could lead to disclosure of sensitive information. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.

VendorProductVersions

ClipSoft

REXPERT

affected
1.0.0.527 and earlier

Weaknesses (CWE)

CWE-434

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now