MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and over

service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long

Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files out

Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via J

Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by

Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which a

Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message text, which allows a remote atta

The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents o

The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site adminis

Denial of service in Linux syslogd via a large number of connections.

cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malic

The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages.