When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
4,376 vulnerabilities with CWE-287
CVE-2008-0926
Novell eDirectory < 8.7.3.10 - Unauthenticated Denial of Service and Arbitrary File Read via SOAP Interface
CVE-2008-1238
Mozilla Firefox <2.0.0.13 & SeaMonkey <1.1.9 - CSRF
CVE-2008-1528
ZyXEL Prestige 660 661 662 3.40(AGD.2)-3.40(AHQ.3) - Authenticated Information Disclosure via Direct HTML Request
CVE-2008-1469
Gallarific Free Edition 1.1 - Unauthenticated Object Editing via Direct Request
CVE-2008-1395
Plone CMS - Improper Authentication via Client-Side Logout Mechanism
CVE-2008-1356
Solaris 10 Java Desktop System - Authentication Bypass via GNOME On-Screen Keyboard
CVE-2008-1334
BT Home Hub - Unauthenticated Authentication Bypass via PATH_INFO Character Injection
CVE-2008-1321
ASG-Sentry Network Manager <7.0.0 - DoS
CVE-2008-1327
gallarific - Unauthenticated Task Manipulation via users.php and index.php
CVE-2008-1244
Belkin F5D7230-4 <9.01.10 - Auth Bypass
CVE-2008-1259
Zyxel P-2602HW-D1A 3.40(AJZ.1) - Unauthenticated Authentication Bypass via IP Address Spoofing
CVE-2008-1262
Airspan WiMax ProST 4.1-6.5.38.0 - Auth Bypass
CVE-2008-1264
Linksys WRT54G - Unauthenticated Sensitive File Access via Default FTP Credentials
CVE-2008-1268
Linksys WRT54G 7.00.1 - Unauthenticated FTP Access
CVE-2008-1269
Alice Gate 2 Plus Wi-Fi - Auth Bypass
CVE-2008-1134
OMEGA INterneSErvicesLosungen 7 - Improper Authentication via Cookie Modification
CVE-2008-1130
IBM WebSphere MQ <6.0.2.2, 5.3 - Auth Bypass
CVE-2008-0895
BEA WebLogic Server 6.1-10.0 - Unauthenticated Authentication Bypass via Crafted Request Headers
CVE-2008-0823
Drupal Header Image Module - Unauthenticated Administration Page Access
CVE-2008-0640
Symantec Ghost Solution Suite 1.1-2.0.1 - Unauthenticated Remote Command Execution via RPC Requests
CVE-2008-0476
ManageEngine Applications Manager 8.1 build 8100 - Unauthenticated Sensitive Information Exposure
CVE-2008-0407
HTTP File Server < 2.2b - Improper Authentication Logging
CVE-2008-0408
HTTP File Server < 2.2b - Unauthenticated Log File Tampering via Base64 HTTP Basic Authentication
CVE-2008-0410
HTTP File Server < 2.2b - Unauthenticated Information Disclosure via Malformed Basic Authentication
CVE-2008-0466
Web Wiz Rich Text Editor 4.0, Forums 9.07, Newspad 1.02 - Unauthenticated Directory Listing & File Read
Details
Vulnerabilities
4,376
Exploit Likelihood
High