The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Service Processor in the IBM Power 5 91##-### and 940#-### before SF240_418_382 does not ensure that firewall code is executed, which allows remote attackers to execute arbitrary code via. Rated high severity (CVSS 7.9). No vendor patch available.