Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,453 vulnerabilities with CWE-306

CVE-2014-125124 CRITICAL

Pandora FMS <= 5.0RC1 - Unauthenticated Remote Command Execution via Anyterm p Parameter

CVE-2014-125118 CRITICAL

eScan Web Management Console <5.5-2 - Command Injection

CVE-2014-125116 CRITICAL

HybridAuth 2.0.9-2.2.2 - Unauthenticated Remote Code Execution via install.php Config Injection

CVE-2014-3449 CRITICAL

BSS Continuity CMS 4.2.22640.0 - Authentication Bypass

CVE-2014-7271 HIGH

SDDM <0.10.0 - Privilege Escalation

Schneider Electric ETG3000 - Info Disclosure

Phoenix Contact ProConOs & MultiProg - RCE

BMC Track-It! 11.3.0.355 - Unauthenticated Remote Code Execution via .NET Remoting

Siemens RuggedCom ROS <3.11-4.0 - DoS

CVE-2013-10046 HIGH

Agnitum Outpost Internet Security 8.1 - Privilege Escalation

CVE-2013-10032 HIGH

GetSimpleCMS <3.2.1 - Authenticated RCE

CVE-2013-1793 HIGH

OpenStack - Missing Authentication for Critical Function in Password Creation

CVE-2012-10062 HIGH

XAMPP < 1.7.3 - Authenticated Remote Code Execution via WebDAV PHP Upload

CVE-2012-10030 CRITICAL

FreeFloat FTP Server - Unauthenticated RCE

CVE-2012-2736 MEDIUM

NetworkManager 0.9.2.0 - Info Disclosure

CVE-2011-10013 CRITICAL

Traq Project Issue Tracking System 2.0-2.3 - Unauthenticated Remote Code Execution via Admin Plugin Injection

CVE-2011-4322 HIGH

WebsiteBaker <= 2.8.1 - Unauthenticated Backup Module Access

CVE-2011-2187 HIGH

xscreensaver <5.14 - Info Disclosure

CVE-2011-4190 MEDIUM

kdump <2012-01-20 - Info Disclosure

Google Chrome < 17.0.963.83 - Unauthenticated Extension Installation

CVE-2010-5326 CRITICAL KEV

SAP NetWeaver Application Server Java <7.3 - RCE

Frax.dk Php Recommend <= 1.3 - Unauthenticated Privilege Escalation via Password Change

CVE-2008-6827 HIGH

Symantec Altiris Deployment Solution 6.0-6.9.355 - Local Privilege Escalation via Shatter Attack on AClient.exe

MIT Kerberos 5 < 1.6.1 - Unauthenticated Authentication Bypass via Telnet Username Prefix

CVE-2006-0062 CRITICAL

xlockmore 5.13 - Privilege Escalation

Previous Page 98 of 99 Next

Details

Vulnerabilities 2,453

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy