When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
4,376 vulnerabilities with CWE-287
CVE-2008-7047
NatterChat 1.1 - Unauthenticated Authentication Bypass via Direct Admin Endpoint Access
CVE-2008-7046
AJ Square Free Polling Script - Unauthenticated Authentication Bypass via Direct Request to newpoll.php
CVE-2008-7045
AJ Square Free Polling Script - Unauthenticated Authentication Bypass via Direct Request to admin/resetvote.php
CVE-2008-7041
ajsquare aj_classifieds - Unauthenticated Authentication Bypass via Direct Admin Page Access
CVE-2008-7028
RPG.Board <= 0.8 Beta2 - Unauthenticated Authentication Bypass via keep4u Cookie
CVE-2008-7027
Libra File Manager <= 1.18 - Unauthenticated Authentication Bypass via Cookie Manipulation
CVE-2008-7019
esqlanelapse 2.6.1-2.6.2 - Unauthenticated Authentication Bypass via Cookie Manipulation
CVE-2008-7008
HyperStop Web Host Directory 1.2 - Unauthenticated Database Backup Download via Direct Request
CVE-2008-7007
Free PHP VX Guestbook 1.06 - Unauthenticated Authentication Bypass via Cookie Manipulation
CVE-2008-7006
Free PHP VX Guestbook 1.06 - Unauthenticated Database Backup Download via Direct Request
CVE-2008-6984
Plesk 8.6.0 - Authentication Bypass via Short Mail Login Names
CVE-2008-6965
AJ Square AJ Auction - Unauthenticated Authentication Bypass via Direct Script Request
CVE-2008-6951
MauryCMS <= 0.53.2 - Unauthenticated Arbitrary File Upload via FCKeditor Browser
CVE-2008-6947
Collabtive 0.4.8 - Unauthenticated Authentication Bypass and Privilege Escalation via Admin User Creation
CVE-2008-6939
TurnkeyForms Web Hosting Directory - Unauthenticated Authentication Bypass via Cookie Manipulation
CVE-2008-6919
TaskDriver < 1.3 - Unauthenticated Authentication Bypass via Auth Cookie
CVE-2008-6916
Siemens SpeedStream 5200 with NetPort Software 1.1 - Authentication Bypass via Invalid Host Header
CVE-2008-6912
Zeeways SHAADICLONE 2.0 - Unauthenticated Authentication Bypass via Direct Admin Page Access
CVE-2008-6864
Absolute Live Support .NET 5.1 - Unauthenticated Authentication Bypass via Cookie Manipulation
CVE-2008-6863
Xigla Absolute Form Processor .NET 4.0 - Unauthenticated Authentication Bypass via Cookie Manipulation
CVE-2008-6862
Absolute Content Rotator 6.0 - Unauthenticated Authentication Bypass via Cookie Manipulation
CVE-2008-6861
Xigla Absolute Newsletter 6.0 and 6.1 - Unauthenticated Authentication Bypass via Cookie Manipulation
CVE-2008-6860
Absolute Poll Manager XE 4.1 - Unauthenticated Authentication Bypass via Cookie Manipulation
CVE-2008-6859
Absolute Control Panel XE 1.5 - Unauthenticated Authentication Bypass via Cookie Manipulation
CVE-2008-6858
Absolute Banner Manager .NET 4.0 - Unauthenticated Authentication Bypass via Cookie Manipulation
Details
Vulnerabilities
4,376
Exploit Likelihood
High