3 matches found
EUVD-2004-2079
Malware in sbrugna...
SandSurfer < 1.7.0 User Authentication Bypass
The remote host is running SandSurfer, a web-based time keeping application. A vulnerability has been disclosed in all versions of this software, up to version 1.6.5 included that could allow an attacker to access the application without authenticating. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2004-2087
Unknown vulnerability in SandSurfer before 1.7.0 allows remote attackers to gain access as a logged-in user...