When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
4,377 vulnerabilities with CWE-287
CVE-2007-1228
IBM DB2 UDB <8.2-9 - Info Disclosure
CVE-2007-1160
webSPELL 4.0 - Unauthenticated Authentication Bypass via ws_auth Cookie
CVE-2007-1062
Cisco Unified IP Conference Station - Auth Bypass
CVE-2007-0435
T-Com Speedport 500V Firmware 1.31 - Unauthenticated Authentication Bypass via LOGINKEY Cookie
CVE-2006-5268
Trend Micro ServerProtect 5.58 and 5.7 - Remote Code Execution via RPC Interface
CVE-2006-6997
MailEnable Standard < 1.93, Professional < 1.73, Enterprise < 1.21 - Improper Authentication
CVE-2006-6783
logahead UNU 1.0 <20061226 - Auth Bypass
CVE-2006-6705
Soumu Workflow and Koukyoumuke Soumu Workflow - Authentication Bypass via Template Files
CVE-2006-4244
SQL-Ledger 2.4.4-2.6.17 - Unauthenticated Session Fixation via Cookie-Parameter Matching
CVE-2006-2113
Dell 3000cn - Authentication Bypass
CVE-2006-3583
Jetbox CMS 2.1 SR1 - Session Fixation via Crafted Link
CVE-2006-2380
Microsoft Windows 2000 SP4 - Improper Authentication via RPC Mutual Authentication
CVE-2006-2636
Katy Whitton NewsCMSLite - Unauthenticated Authentication Bypass via loggedIn Cookie
CVE-2006-2369
RealVNC 4.1.1 - Unauthenticated Authentication Bypass via Insecure Security Type
CVE-2006-2224
Quagga Routing Software Suite < 0.99.3 - Unauthenticated Routing State Modification via RIPv1 RESPONSE Packets
CVE-2006-1228
Drupal <4.5.8, <4.6 - Privilege Escalation
CVE-2006-0633
Invision Power Board 2.1.4 - Weak Password Reset Code Generation
CVE-2006-0416
sleeperchat < 0.3f - Unauthenticated Authentication Bypass via txt Parameter
CVE-2006-0374
Advantage Century Telecommunication P202S - Unauthenticated Remote Access via Undocumented Ports
CVE-2005-4851
eZ publish <3.7 - Privilege Escalation
CVE-2005-4861
Ragnarok Online Control Panel <4.3.4a - Auth Bypass
CVE-2005-4006
SAPID CMS < 1.2.3.03 - Unauthenticated Authentication Bypass via Direct Request
CVE-2005-3979
Coppermine Photo Gallery 1.4.2 and 1.4 beta - Unauthenticated Sensitive Information Exposure via relocate_server.php
CVE-2005-1957
File Upload Manager - Unauthenticated Arbitrary File Read and Delete via Base64-Encoded File Parameter
CVE-2005-1020
Cisco IOS 12.0-12.3 - Denial of Service via SSH Authentication
Details
Vulnerabilities
4,377
Exploit Likelihood
High