RS232-NET Converter (JTC-200) suffers from cross site request forgery and weak credential management vulnerabilities along with unauthenticated access over telnet.

CIMA DocuClass ECM suffers from cross site request forgery, cross site scripting, direct object reference, and remote SQL injection vulnerabilities.

OpenFire versions 3.10.2 through 4.0.1 suffer from cross site request forgery and cross site scripting vulnerabilities. These issues are similar as findings discovered by hyp3rlinx but leverage different pages.

Wrapper classes provided by PrinceXML appear to suffer from command injection vulnerabilities.