324 matches found
Outblaze Webmail - Cookie Authentication Bypass
// source: https://www.securityfocus.com/bid/7115/info Outblaze web mail service has been reported prone to an authentication cookie spoofing vulnerability. This issue may allow a malicious attacker to bypass the cookie-based authentication mechanisms used by the affected Outblaze web mail server...
x_news allows unauthorized users to access administrative menu
Overview xnews allows a user to authenticate without supplying the user's plaintext password. Description xnews is a system for managing news. When a user logs in to xnews version 1.1 using a plaintext password, xnews hashes the password with MD5 and compares it to user's hash stored in the file...
CVE-2002-0491
The CVE-2002-0491 entry concerns AlGuest 1.0 guestbook’s admin.php authentication, which incorrectly relies on the existence of an admin cookie. An attacker can set the admin cookie to an arbitrary value, bypassing authentication and gaining administrative privileges. The vulnerability is web‑acc...
CVE-2002-0486
Affected: Intellisol Xpede 4.1. The CVE-2002-0486 entry describes that the product stores authentication information in cookies using weak encryption, enabling local access to cookies to escalate privileges. Root cause: weak encryption used for cookie-stored credentials. Impact: according to NVD ...