| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102. |
| MyPicGallery 1.0 allows remote attackers to bypass application authentication and gain administrative access by setting the userID parameter to "admin" in a direct request to admin/addUser.php. |
| Admin.php in Web Slider 0.6 allows remote attackers to bypass authentication and gain privileges by setting the admin cookie to 1. |
| phpscripts Ranking Script allows remote attackers to bypass authentication and gain administrative access by sending an admin=ja cookie. |
| Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjunction with ARP spoofing. |
| PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and delete forums, topics, and replies. |
| Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) 3.0.x before 3.0.7 and 3.1.x before 3.1.0, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (management interface outage) via SSH traffic that occurs during management operations and triggers "illegal I/O operations," aka Bug ID CSCsh49563. |
| admin.php in dB Masters Multimedia Links Directory 3.1.3 allows remote attackers to bypass authentication and gain administrative access via a certain value of the admin_log cookie. |
| Session fixation vulnerability in Shared Sign-On 5.x and 6.x, a module for Drupal, allows remote attackers to hijack web sessions via unspecified vectors. |
| Web Wiz RTE_file_browser.asp in, as used in Web Wiz Rich Text Editor 4.0, Web Wiz Forums 9.07, and Web Wiz Newspad 1.02, does not require authentication, which allows remote attackers to list directories and read files. NOTE: this can be leveraged for listings outside the configured directory tree by exploiting a separate directory traversal vulnerability. |
| AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, and Web 2.0 send a redirect but do not exit when certain scripts are called directly, which allows remote attackers to bypass authentication via a direct request to (1) site.php, (2) auction.php, (3) mail.php, (4) fee_setting.php, (5) earnings.php, (6) insertion_fee_settings.php, (7) custom_category.php, (8) subcategory.php, (9) category.php, (10) report.php, (11) store_manager.php, and (12) choose_sell_format.php in admin/, and possibly other vectors. |
| Unspecified vulnerability in the management EJB (MEJB) in Apache Geronimo before 2.0.2 allows remote attackers to bypass authentication and obtain "access to Geronimo internals" via unspecified vectors. |
| NetSupport Manager Client before 10.20.0004 allows remote attackers to bypass the (1) basic and (2) authentication schemes by spoofing the NetSupport Manager. |
| index.php in FTP Admin 0.1.0 allows remote attackers to bypass authentication and obtain administrative access via a loggedin parameter with a value of true, as demonstrated by adding a user account. |
| Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server (ACS) produces a user notification message after posture validation. |
| The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request. |
| Session fixation vulnerability in Plogger allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. |
| sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires. |
| IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the "fenced" user to access certain unauthorized directories. |
| zKup CMS 2.0 through 2.3 does not require administrative authentication for admin/configuration/modifier.php, which allows remote attackers to gain administrator privileges via a direct request, as demonstrated by adding a new administrator. |