Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-287

CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,376 vulnerabilities with CWE-287

dootzky oBlog - Unauthenticated Brute-Force Password Guessing via admin/index.php

Novell Access Manager < 3.1 SP1 - Authentication Bypass via X.509 Authentication

ToutVirtual VirtualIQ Pro - Unauthenticated Remote Command Execution via JBoss Console

OpenX 2.8.1 and 2.8.2 - Authentication Bypass

D-Link DIR-615 3.10NA - Unauthenticated Admin Password Change via apply.cgi

Graugon PHP Article Publisher 1.0 - Unauthenticated Authentication Bypass via g_admin Cookie

Digital Interchange Document Library 1.0.1 - Unauthenticated Administrator Credential Modification via save_user.asp

EZ-Blog Beta 1 - Unauthenticated Arbitrary Post Creation and Deletion

Varnish < 2.1.0 - Unauthenticated Remote Code Execution via CLI vcl.inline Directive

Mole Group Gastro Portal - Info Disclosure

RoomPHPlanning 1.6 - Unauthenticated Authentication Bypass via Cookie Manipulation

RoomPHPlanning 1.6 - Unauthenticated Arbitrary User and Room Deletion via admin/delitem.php

Xerver 4.32 - Unauthenticated Administrator Access via Port 32123

dB Masters Multimedia Links Directory 3.1.3 - Auth Bypass

Jax Guestbook 3.5.0 - Unauthenticated Authentication Bypass via Direct Admin Endpoint Access

Internet Initiative Japan SEIL/B1 <2.52 - Auth Bypass

Sitecore Staging Module <5.4.0 - Auth Bypass

Symantec Veritas Products - Unauthenticated Remote Code Execution via Crafted Data to TCP Port 14300

Microsoft Windows Vista/Server 2008 SP2 - RCE

Kide Shoutbox (com_kide) <0.4.6 - Auth Bypass

Best Practical Solutions RT <3.6.9, <3.8.5 - Session Fixation

Bestpractical RT - Authentication Bypass

GNU GRUB 2 1.97 - Improper Authentication via Password Length Bypass

myPhile 1.2.1 - Unauthenticated Authentication Bypass via Empty Password

telepark.wiki <2.4.23 - Auth Bypass

Previous Page 157 of 176 Next

Details

Vulnerabilities 4,376

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy