JBoss 3.0.83.2.1 - HSQLDB Remote Command Injection

JBoss 3.0.83.2.1 - HSQLDB Remote Command Injection source: https://www.securityfocus.com/bid/8773/info A remote command-injection vulnerability has been reported in JBoss. The issue is reportedly exposed via the HSQLDB component, which is a SQL database server that manages JMS connections. Becaus...

JBoss 3.0.8/3.2.1 - HSQLDB Remote Command Injection

source: https://www.securityfocus.com/bid/8773/info A remote command-injection vulnerability has been reported in JBoss. The issue is reportedly exposed via the HSQLDB component, which is a SQL database server that manages JMS connections. Because of a number of flaws, an attacker can pass comman...

Phorum Vulnerabilities

Phorum.org have acknowledged the flaws below and have released version 3.4.3 which corrects them. 1 The Phorum download program download.php is vulnerable to directory transversal attack and is able to read arbitrary files from anywhere within the root directory - with permissions of the web...

CVE-2000-0969

Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon...