All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
A directory traversal vulnerability (a flaw allowing attackers to access files outside their intended directory by using special path sequences like '..' to navigate backwards) exists in JaxUltraBB 2.0 and earlier. An attacker can exploit this through the viewprofile.php file by manipulating the user parameter to read arbitrary local files on the affected system.
A vulnerability in the Device Manager daemon (utdevmgrd, a background service that manages devices) in Sun Ray Server Software versions 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to create or delete arbitrary directories without authorization. The exact method of exploitation is not detailed in the source.
A vulnerability in the Device Manager daemon (utdevmgrd, a background service that manages devices) in Sun Ray Server Software versions 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to crash the daemon through unspecified means, causing a denial of service (making the service unavailable). The specific attack method and affected software details are not clearly documented in this record.
A vulnerability in Sun Ray Server Software versions 2.0 and 3.0 (before January 23, 2007) allowed local users (people with access to the same system) to steal the utadmin password by reading web server log files or through other unspecified local attacks. This is a serious issue because the utadmin password likely controls important administrative functions on the server.
JaxUltraBB (JUBB) 2.0 has a direct static code injection vulnerability (a weakness that lets attackers insert malicious code) in its delete.php file when register_globals is enabled (a PHP setting that automatically creates variables from user input). Remote attackers can inject arbitrary web script, HTML, or PHP code through the contents parameter, which gets added to a file specified by the forum parameter.
CVE-2006-4049 is a vulnerability in the utxconfig utility (a configuration tool) in Sun Ray Server Software version 3.x that allows local users (people with access to the system) to create or overwrite arbitrary files through unknown methods. The exact details of how the attack works are not specified in the available information.
ChatPat version 1.0 contains multiple cross-site scripting (XSS, where attackers inject malicious scripts into web pages) vulnerabilities in two PHP files that allow attackers to inject harmful code through chat messages. The vulnerability affects the fastchat.php and fastshow.php files in the application.
A cross-site scripting vulnerability (XSS, a type of attack where an attacker injects malicious code into a webpage that runs in other users' browsers) exists in Jax Guestbook versions 3.1, 3.31, and 3.50 in the jax_guestbook.php file. Remote attackers can exploit this by injecting arbitrary web script or HTML through the page parameter. The vulnerability has a CVSS 4.0 severity rating (a 0-10 scale measuring how serious a security flaw is).
CVE-2006-1400 is a cross-site scripting (XSS) vulnerability in a web page called MyTasks/PersonalTaskEdit.asp in Metisware Instructor version 1.3 and earlier. XSS is a security flaw where attackers inject malicious code into a website that then runs in other users' browsers. In this case, attackers can inject harmful scripts through the Task parameter to compromise users.
CVE-2006-1239 is a cross-site scripting (XSS, a type of attack where an attacker injects malicious code into a webpage that runs in other users' browsers) vulnerability in Gemini 2.0's issue creation page that allows attackers to inject arbitrary web script or HTML through the rtcDescription$RadEditor1 input field. The vulnerability has an unknown CVSS severity score as of the record date. The source note indicates that details come from third-party information rather than official vendor confirmation.
Jax Calendar version 1.34 contains a SQL injection vulnerability (a type of attack where an attacker inserts malicious SQL code into input fields) in the jax_calendar.php file. The vulnerability allows remote attackers to execute arbitrary SQL commands through the cal_id parameter and possibly the Y and m parameters.
CVE-2005-4001 is a SQL injection vulnerability (a type of attack where an attacker inserts malicious database commands into user input fields) in phpYellow Pro Edition and Lite Edition version 5.33. The vulnerability allows remote attackers to execute arbitrary SQL commands through two different input parameters: the haystack parameter in search_result.php or the ckey parameter in print_me.php.
A bug in Linux 2.6's mprotect code (the system that controls memory access permissions) on Itanium IA64 Montecito processors fails to keep cache memory synchronized with main memory as the processor design requires. This allows local users (people with access to the same computer) to crash the system and potentially corrupt data by changing memory protection settings.
Raysoft/Raybase Video Cam Server version 1.0.0 beta has a vulnerability where remote attackers (people accessing the system from outside) can perform administrator operations and shut down the server or camera by sending a direct request to admin.html. This is a serious flaw because it lets unauthorized users take control of the system without proper authentication (verification of identity).
Raysoft/Raybase Video Cam Server version 1.0.0 beta has a vulnerability where remote attackers (people accessing the server from outside) can discover the full pathname (the complete file location) of the server by requesting an invalid page, such as by using a hex-encoded space character. This information leakage could help attackers understand the server's structure and plan further attacks.
A directory traversal vulnerability (a security flaw where an attacker uses special path sequences to access files outside their allowed area) was found in Raysoft/Raybase Video Cam Server version 1.0.0 beta. Remote attackers could exploit this by sending HTTP requests containing ".." (dot dot) sequences to read arbitrary files on the affected system.
Sun Ray Server Software (SRSS) versions 1.3 and 2.0 on certain Solaris systems have a bug where quickly removing, reinserting, and removing a smartcard again can prevent the system from detecting that the card is gone. This leaves a user's session logged in, potentially allowing someone else to access the account without permission.
Sun Ray Server Software (SRSS) version 1.3 has a vulnerability that allows remote attackers to log in as another user when Non-Smartcard Mobility (NSCM, a feature that lets users connect from different systems) is enabled, by running dtlogin (a login program) from a system that supports XDMCP (a protocol for remote display connections). This is a serious authentication bypass vulnerability that could let attackers impersonate legitimate users.
CVE-2000-1193 is a vulnerability in Performance Copilot's PMCD (Performance Metrics Collector Daemon, a service that monitors system performance metrics) on IRIX 6.x systems that allows remote attackers to cause a denial of service (resource exhaustion, where a system runs out of memory or processing power) by sending an extremely long string to the PMCD port. The vulnerability has a CVSS 4.0 severity rating (a 0-10 scale measuring how serious the vulnerability is).
Jax Petition Book version 1.0.3.06 contains directory traversal vulnerabilities (a security flaw where attackers use .. sequences to access files outside the intended folder) in two PHP files. Remote attackers can exploit this by adding .. characters to the languagepack parameter, allowing them to view and run arbitrary local files on the server.