When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
4,377 vulnerabilities with CWE-287
CVE-2007-6011
BugHotel Reservation System <4.9.9 - Auth Bypass
CVE-2007-6006
TestLink < 1.7.0 - Improper Authentication
CVE-2007-4680
CFNetwork <10.4.11 - Info Disclosure
CVE-2007-4693
Mac OS X 10.4-10.4.10 - Privilege Escalation
CVE-2007-4692
Safari < 3.0.3 - HTTP Authentication Spoofing via Tabbed Browsing
CVE-2007-5987
BtiTracker < 1.3.2 - Unauthenticated Torrent Details Disclosure and Modification via Direct Request
CVE-2007-5988
BtiTracker < 1.4.4 - Unauthenticated User Impersonation via Shoutbox Nick Field
CVE-2007-5770
Ruby 1.8.5-1.8.6 - Improper Certificate Validation in Net Libraries
CVE-2007-5913
JBC Explorer < 7.20_rc1 - Unauthenticated Authentication Bypass via auth.php Parameter Manipulation
CVE-2007-5797
Apache Geronimo 2.0-2.1 - Improper Authentication via Nonexistent Username Bypass
CVE-2007-5791
Vonage Motorola Phone Adapter VT2142-VD - Improper Authentication via Spoofed SIP INVITE Messages
CVE-2007-5752
PHP-AGTC Membership System 1.1a - Unauthenticated Account Creation via adduser.php
CVE-2007-5714
Gentoo mldonkey_ebuild < 2.9.0 - Improper Authentication via Default Empty Password
CVE-2007-5578
Basic Analysis and Security Engine < 1.3.8 - Authentication Bypass via Redirect Handling
CVE-2007-5391
HP Select Identity 4.01-4.01.010 and 4.10-4.13.001 - Improper Authentication
CVE-2007-5383
Alcatel SpeedTouch 7G Router - Authentication Bypass via Double-Slash Path
CVE-2007-5374
LightBlog 8.4.1.1 - Authenticated Privilege Escalation via cp_memberedit.php
CVE-2007-5006
CA BrightStor ARCserve Backup r11.0-r11.5 - Unauthenticated Remote User Management
CVE-2007-5152
Sun Java System Access Manager 7.1 - Unauthenticated Administrative Access After Container Restart
CVE-2007-5162
Ruby 1.8.5-1.8.6 - Improper Certificate Validation in Net::HTTP and Net::HTTPS
CVE-2007-3754
Apple iPhone 1.1.1 - Improper Authentication in Mail SSL Certificate Validation
CVE-2007-5113
Google Urchin < 5.7.03 - Authentication Bypass via Modified Query Parameters
CVE-2007-5085
Apache Geronimo - Authentication Bypass in Management EJB
CVE-2007-5057
NetSupport Manager Client - Improper Authentication Bypass via Spoofing
CVE-2007-5008
HP-UX B.11.11 B.11.23 B.11.31 - Improper Authentication via logins Command
Details
Vulnerabilities: 4,377
Exploit Likelihood: High