Dup Scout Enterprise is prone to a buffer-overflow vulnerability when handling a crafted packet, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.

Sync Breeze Enterprise is prone to a buffer-overflow vulnerability when handling a crafted GET request, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.

Username parameter in Registration page 'register.ghp' is prone to a stack-based buffer-overflow vulnerability.Application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.

VX Search Enterprise is prone to a buffer-overflow vulnerability when handling a crafted packet, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.

Adobe ColdFusion is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine.

The application allows an attacker to specify a server to perform authentication. That server also allows to execute controlled SQL directly against the database. This module abuses of the previous vulnerabilities in order execute an agent as SYSTEM.

Apache Tomcat allows the upload of JSP files to unauthenticated users via a specially crafted request when the readonly initialization parameter of the Default servlet is set to false.

CMS Made Simple is prone to an OS command injection which allows attackers the execution of system commands.

A vulnerability exists in the way RAT Gh0st Controller Server process a remote request. The vulnerability is caused due to a boundary when handling network messages and can be exploited to cause a buffer overflow via a specially crafted packet sent to the server.

HP Intelligent Management Center is prone to a remote vulnerability that allows attackers to execute commands under the context of system.