- Portcullis Security Advisory 06-064 Belkin Router G plus Router (f5D7231-4) Administration Web Interface is vulnerable to Cross-site Scripting
- Portcullis Security Advisory 06-063 Centricq is vulnerable to multiple buffer overflows
- Portcullis Security Advisory 06-062 SurgeFTP is vulnerable to Cross-site Scripting (XSS)
- Portcullis Security Advisory 06-061 SurgeFTP mirror mechanism allows Denial of Service
- Portcullis Security Advisory 06-060 SurgeMail is prone to a format string vulnerability
- Portcullis Security Advisory 06-059 ImgSvr is vulnerable to a directory traversal
- Portcullis Security Advisory 06-058 ImgSvr is vulnerable to a stack overflow
- Portcullis Security Advisory 06-057 E-Visit Analyst - multiple CGI scripts allow SQL injection
- Portcullis Security Advisory 06-056 The P-Synch Windows domain password reset web application's style parameter allows JavaScript injection
- Portcullis Security Advisory 06-046 Visionsoft Audit - VSAOD server discloses its version
- Portcullis Security Advisory 06-045 Visionsoft Audit - VSAOD server allows unauthenticated remote uninstalls
- Portcullis Security Advisory 06-044 Visionsoft Audit - VSAOD server allows remote execution via replay attacks
- Portcullis Security Advisory 06-043 Visionsoft Audit - VSAOD server discloses the log path
- Portcullis Security Advisory 06-042 Visionsoft Audit - VSAOD server uses a weak algorithm to obscure passwords on the wire and in configuration files
- Portcullis Security Advisory 06-041 Visionsoft Audit - VSAOD server allows unauthenticated ini file overwrites
- Portcullis Security Advisory 06-040 Visionsoft Audit - VSAOD server has input validation flaws which can result in an authenticated heap overflow
- Portcullis Security Advisory 06-039 Visionsoft Audit - VSAOD server allows unauthenticated arbitrary file overwrites
- Portcullis Security Advisory No 06-038 Username enumeration is possible via the password reset mechanism
- Portcullis Security Advisory No 06-037 The Upload mechanism potentially allows the upload of arbitrary code for execution as the web server user
- Portcullis Security Advisory No 06-036 A potential phishing attack via the comments mechanism
- Portcullis Security Advisory No 06-035 The create entry mechanism is vulnerable to JavaScript injection
- Portcullis Security Advisory No 06-034 The blog directory path can be set to any arbitrary directory path during the creation of new blogs
- Portcullis Security Advisory No 06-033 The username and password hash for the administration interface is stored within a cookie
- Portcullis Security Advisory No 06-018 Informix Username Buffer Overflow Vulnerability
- Portcullis Security Advisory 06-011 Fujitsu Webserver Source Code Disclosure Vulnerability
- Portcullis Security Advisory 06-010 Fujitsu Webserver Directory Traversal Vulnerability
- Portcullis Security Advisory 06-005 P-Synch Username Enumeration Vulnerability
- Portcullis Security Advisory 06-004 P-Synch Multiple Request Methods Supported Vulnerability
- Portcullis Security Advisory 06-003 P-Synch Reduced Authentication Complexity Vulnerability
- Portcullis Security Advisory 06-002 P-Synch Password Management Vulnerability
- Portcullis Security Advisory 06-001 NetIQ Endpoint Heap Overflow
Portcullis Advisories - 2006
