The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long filename, possibly triggering a buffer overflow.

The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to obtain sensitive information by uploading a file, which reveals the path in a success message.

The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote attackers to gain sensitive information by sniffing the network connection.

Directory traversal vulnerability in the file server in ActivePost Standard 3.1 allows remote authenticated users to upload arbitrary files via a .. (dot dot) in the filename.