Vulnerabilities (CVE)

Filtered by CWE-287
Total 3633 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-2505 1 Microsoft 2 Windows Server 2008, Windows Vista 2025-04-09 10.0 HIGH N/A
The Internet Authentication Service (IAS) in Microsoft Windows Vista SP2 and Server 2008 SP2 does not properly validate MS-CHAP v2 Protected Extensible Authentication Protocol (PEAP) authentication requests, which allows remote attackers to execute arbitrary code via crafted structures in a malformed request, aka "Internet Authentication Service Memory Corruption Vulnerability."
CVE-2008-7028 1 Aves 1 Rpg Board 2025-04-09 7.5 HIGH N/A
RPG.Board 0.8 Beta2 and earlier allows remote attackers to bypass authentication and gain privileges by setting the keep4u cookie to a certain value.
CVE-2009-2334 1 Wordpress 2 Wordpress, Wordpress Mu 2025-04-09 4.9 MEDIUM N/A
wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote attackers to specify a configuration file in the page parameter to obtain sensitive information or modify this file, as demonstrated by the (1) collapsing-archives/options.txt, (2) akismet/readme.txt, (3) related-ways-to-take-action/options.php, (4) wp-security-scan/securityscan.php, and (5) wp-ids/ids-admin.php files. NOTE: this can be leveraged for cross-site scripting (XSS) and denial of service.
CVE-2007-5008 1 Hp 1 Hp-ux 2025-04-09 9.0 HIGH N/A
The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.
CVE-2008-6951 1 Cms.maury91 1 Maurycms 2025-04-09 7.5 HIGH N/A
MauryCMS 0.53.2 and earlier does not require administrative authentication for Editors/fckeditor/editor/filemanager/browser/default/browser.html, which allows remote attackers to upload arbitrary files via a direct request.
CVE-2009-1664 1 Easy-scripts 1 Answer And Question Script 2025-04-09 7.5 HIGH N/A
myaccount.php in Easy Scripts Answer and Question Script does not verify the original password before changing passwords, which allows remote attackers to change the password of other users and gain privileges via modified userid, txtpassword, and txtRpassword parameters.
CVE-2009-0125 1 Finkproject 1 Libnasl 2025-04-09 5.0 MEDIUM N/A
NOTE: this issue has been disputed by the upstream vendor. nasl/nasl_crypto2.c in the Nessus Attack Scripting Language library (aka libnasl) 2.2.11 does not properly check the return value from the OpenSSL DSA_do_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. NOTE: the upstream vendor has disputed this issue, stating "while we do misuse this function (this is a bug), it has absolutely no security ramification.
CVE-2007-5987 1 Bti-tracker 1 Bti-tracker 2025-04-09 6.8 MEDIUM N/A
details.php in BtiTracker before 1.4.5, when torrent viewing is disabled for guests, allows remote attackers to bypass protection mechanisms via a direct request, as demonstrated by (1) reading the details of an arbitrary torrent and (2) modifying a torrent owned by a guest.
CVE-2009-0440 1 Ibm 1 Websphere Partner Gateway 2025-04-09 6.5 MEDIUM N/A
IBM WebSphere Partner Gateway (WPG) 6.0.0 through 6.0.0.7 does not properly handle failures of signature verification, which might allow remote authenticated users to submit a crafted RosettaNet (aka RNIF) document to a backend application, related to (1) "altered service content" and (2) "digital signature foot-print."
CVE-2009-0126 1 Berkeley 1 Boinc Client 2025-04-09 5.0 MEDIUM N/A
The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for Network Computing (BOINC) 6.2.14 and 6.4.5 does not check the return value from the OpenSSL RSA_public_decrypt function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
CVE-2008-4614 1 Portalapp 1 Portalapp 2025-04-09 7.5 HIGH N/A
PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and delete forums, topics, and replies.
CVE-2009-4447 1 Jax Scripts 1 Jax Guestbook 2025-04-09 7.5 HIGH N/A
Jax Guestbook 3.5.0 allows remote attackers to bypass authentication and modify administrator settings via a direct request to admin/guestbook.admin.php.
CVE-2008-3425 1 Sun 2 Java System Web Server Plugin, N1 Service Provisioning System 2025-04-09 6.5 MEDIUM N/A
Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin in Sun N1 Service Provisioning System (SPS) 5.2 and 6.0 allows remote authenticated SPS users to gain administrative access to the web server via unknown attack vectors.
CVE-2007-5085 1 Apache 1 Geronimo 2025-04-09 5.0 MEDIUM N/A
Unspecified vulnerability in the management EJB (MEJB) in Apache Geronimo before 2.0.2 allows remote attackers to bypass authentication and obtain "access to Geronimo internals" via unspecified vectors.
CVE-2009-2070 1 Opera 1 Opera Browser 2025-04-09 6.8 MEDIUM N/A
Opera displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.
CVE-2008-7086 1 Maianscriptworld 1 Maian Greetings 2025-04-09 7.5 HIGH N/A
Maian Greetings 2.1 allows remote attackers to bypass authentication and gain administrative privileges by setting the mecard_admin_cookie cookie to admin.
CVE-2008-7019 1 Esqlanelapse 1 Esqlanelapse 2025-04-09 7.5 HIGH N/A
Esqlanelapse 2.6.1 and 2.6.2 allows remote attackers to bypass authentication and gain privileges via modified (1) enombre and (2) euri cookies.
CVE-2009-0891 1 Ibm 1 Websphere Application Server 2025-04-09 5.5 MEDIUM N/A
The Web Services Security component in IBM WebSphere Application Server 7.0 before Fix Pack 1 (7.0.0.1), 6.1 before Fix Pack 23 (6.1.0.23),and 6.0.2 before Fix Pack 33 (6.0.2.33) does not properly enforce (1) nonce and (2) timestamp expiration values in WS-Security bindings as stored in the com.ibm.wsspi.wssecurity.core custom property, which allows remote authenticated users to conduct session hijacking attacks.
CVE-2008-4037 1 Microsoft 4 Windows, Windows 2000, Windows Server 2008 and 1 more 2025-04-09 9.3 HIGH N/A
Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Reflection Vulnerability." NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.
CVE-2008-0476 1 Manageengine 1 Applications Manager 2025-04-09 6.4 MEDIUM N/A
ManageEngine Applications Manager 8.1 build 8100 does not check authentication for monitorType.do and unspecified other pages, which allows remote attackers to obtain sensitive information and change settings via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.