CVE-2009-3452
RADactive I-Load < 2008.2.5.0 - Exposure of Sensitive Information via WebCoreModule.ashx
Title source: llmDescription
WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allows remote attackers to obtain sensitive information via unspecified requests that trigger responses containing the saved-image folder pathname.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/58194
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/506555/100/0/threaded
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23807
Vendor Advisory x_refsource_confirm
http://radnet.radactive.com/forum/Default.aspx?g=posts&t=339
Various Sources x_refsource_misc
https://www.sec-consult.com/files/20090917-0_RADactive_I-Load_Multiple_Vulnerabilities.txt
Scores
EPSS
0.0126
EPSS Percentile
66.0%
Details
CWE
CWE-200
Status
published
Products (46)
radactive/i-load
1.6.3
radactive/i-load
1.6.3.1
radactive/i-load
1.6.3.2
radactive/i-load
1.6.3.3
radactive/i-load
1.7.0.0
radactive/i-load
1.7.0.1
radactive/i-load
1.7.0.2
radactive/i-load
1.7.0.3
radactive/i-load
1.7.0.4
radactive/i-load
1.7.0.5
... and 36 more
Published
Sep 29, 2009
Tracked Since
Feb 18, 2026