When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
4,377 vulnerabilities with CWE-287
CVE-2007-4747
Cisco Video Surveillance IP Gateway/Decoder <1.8.1 & SP/ISP <1.23.7 - Unauthenticated Telnet Admin Access
CVE-2007-4632
Cisco IOS 12.2E/12.2F/12.2S - Auth Bypass
CVE-2007-4548
Apache Geronimo 2.0 - Improper Authentication via Blank Credentials Bypass
CVE-2007-4438
ampache < 3.3.3.4 - Session Fixation
CVE-2007-4419
Olate Download (od) 3.4.1 - Info Disclosure
CVE-2007-4364
Fedora Commons <2.2.1 - Info Disclosure
CVE-2007-4203
Mambo Open Source 4.6.2 - Session Fixation via Cookie Parameter
CVE-2007-4043
CRITICAL
Secure Computing SecurityReporter <4.6.3 - Auth Bypass
CVSS 9.8
CVE-2007-3988
Virtual Hosting Control System < 2.4.7.1 - Session Fixation via PHPSESSID Parameter
CVE-2007-3597
Zen Cart < 1.3.7 - Session Fixation via Cookie Parameter
CVE-2007-3184
macOS X - Unauthenticated System Preferences Modification via Apple Menu Invocation
CVE-2007-3177
Ingate Firewall and SIParator < 4.5.2 - SIP Authentication Bypass via maddr Parameter
CVE-2007-3050
chameleon_cms < 3.0 - Session Fixation via PHPSESSID Parameter
CVE-2007-2719
HP Systems Insight Manager <5.0 SP5 - Info Disclosure
CVE-2007-2555
Podium CMS - Session Fixation via META HTTP-EQUIV Set-cookie in Default.aspx
CVE-2007-2546
Simple Machines Forum <1.1.2 - Info Disclosure
CVE-2007-1859
XScreenSaver 4.10 - Authentication Bypass via getpwuid Function
CVE-2007-2277
Plogger - Session Fixation via PHPSESSID Parameter
CVE-2007-2243
OpenSSH <= 4.6 - User Enumeration via S/KEY ChallengeResponseAuthentication
CVE-2007-1966
CRITICAL
eXV2 CMS 2.0.4.3 - Session Fixation via PHPSESSID Cookie
CVSS 9.1
CVE-2007-1949
WebBlizzard CMS - Session Fixation via PHPSESSID Cookie
CVE-2007-1951
onelook obo Shop - Session Fixation via PHPSESSID Cookie
CVE-2007-1952
onelook onebyone_cms - Session Fixation via PHPSESSID Cookie
CVE-2007-1953
onelook courts_online - Session Fixation via PHPSESSID Cookie
CVE-2007-1480
Creative Guestbook 1.0 - Unauthenticated Administrative Account Creation via Direct Request
Details
Vulnerabilities
4,377
Exploit Likelihood
High