JPortal is affected by a remote SQL injection vulnerability in the print.inc.php script. This allows a malicious user to influence database queries and potentially compromise the software or the database. An attacker can exploit this issue to disclose the administrator password hash.
This vulnerability allows a remote attacker to execute arbitrary code in the context of the server process by exploiting a lack of sufficient boundary checks performed on CD command arguments.
This exploit allows an attacker to execute remote commands on the target server using the exV2 software. It works regardless of the php.ini settings and has two different exploit methods for register_globals=on or off.
PHP is affected by an arbitrary command-execution weakness through the PHP 'include()' function. This issue allows the execution of attacker-supplied POST PHP commands when URI data is used as an argument to an 'include()' function.
The Java System Application Server is prone to a remote installation path disclosure vulnerability. This vulnerability occurs due to a failure of the application to properly filter user requests. Successful exploitation of this vulnerability may allow an attacker to gain sensitive information about the file system, which can be used to launch more direct attacks against the system.
Minishare is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle improperly formed HTTP requests. This issue will allow an attacker to cause the affected computer to stop responding, denying service to legitimate users.
The VocalTec VGW120 and VGW480 Telephony Gateways are prone to a remote denial of service vulnerability. The issue is reported to exist in the ASN.1/H.323/H.225 stack. A remote attacker may exploit this issue to deny service to the affected appliances.
A denial of service condition is reported to exist in the MollenSoft Lightweight FTP Server that may allow a remote user to deny service to legitimate FTP users. The vulnerability is due to a lack of sufficient boundary checks performed on CWD command arguments.
cPanel is reported prone to a privilege escalation vulnerability. It is reported that the options used by cPanel to compile Apache 1.3.29 and PHP using the mod_phpsuexec option are insecure. These settings will reportedly permit a local attacker to execute arbitrary code as any user who possesses a PHP file that is published to the Apache web server.
Users can bypass the content filter functionality of Netgear RP114 by creating a URI request string that is over 220 bytes in length. This allows any host to access blacklisted websites, leading to a false sense of security for network administrators.
Services By CQR