CVE-2007-1160

webSPELL 4.0, and possibly later versions, allows remote attackers to bypass authentication via a ws_auth cookie, a different vulnerability than CVE-2006-4782. This vulnerability may affect more recent versions of the product as well. (WebSPELL, WebSPELL, 4.0 and later)

Publication date: Sat, 03 Mar 2007 03:18:00 +0000

Cyber News related to CVE-2007-1160

CVE-2011-1161 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-1160, CVE-2011-1162. Reason: This candidate was withdrawn by its CNA. Further investigation showed that only two candidates, CVE-2011-1160 and CVE-2011-1162, were needed for the ...
55 years ago Tenable.com

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-1160 - webSPELL 4.0, and possibly later versions, allows remote attackers to bypass authentication via a ws_auth cookie, a different vulnerability than CVE-2006-4782. This vulnerability may affect more recent versions of the product as well. (WebSPELL, ...
6 years ago

CVE-2005-1532 - Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property ...
7 years ago

CVE-2016-1160 - Cross-site scripting (XSS) vulnerability in the WP Favorite Posts plugin before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
3 years ago

CVE-2000-1160 - NAI Sniffer Agent allows remote attackers to cause a denial of service (crash) by sending a large number of login requests. ...
16 years ago

CVE-2004-1160 - Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up ...
16 years ago

CVE-2009-1160 - Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote ...
15 years ago

CVE-2010-1160 - GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is ...
14 years ago

CVE-2013-1160 - Cross-site scripting (XSS) vulnerability in the OpenView web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud56743. ...
11 years ago

CVE-1999-1160 - Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges. ...
8 years ago

CVE-2002-1160 - The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's ...
8 years ago

CVE-2017-1160 - IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially ...
7 years ago

CVE-2003-1160 - FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//). ...
7 years ago

CVE-2001-1160 - udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the category_file field. ...
7 years ago

CVE-2005-1160 - The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the ...
7 years ago

CVE-2008-1160 - ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed when it is set by a user, which allows remote attackers to gain privileges. ...
11 months ago

CVE-2006-1160 - Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to inject arbitrary web script or HTML via the Description field in creating a folder or uploading a file. ...
6 years ago

CVE-2012-1160 - Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php ...
5 years ago

CVE-2021-1160 - Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart ...
3 years ago

CVE-2020-1160 - An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. ...
3 years ago

CVE-2011-1160 - The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors. ...
1 year ago

CVE-2023-1160 - Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0. ...
1 year ago

CVE-2023-25069 - TXOne StellarOne has an improper access control privilege escalation vulnerability in every version before V2.0.1160 that could allow a malicious, falsely authenticated user to escalate his privileges to administrator level. With these privileges, an ...
1 year ago

CVE-2022-1160 - heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. ...
1 year ago

Latest Cyber News

CVE-2024-11848 - 4 hours ago
CVE-2024-11851 - 4 hours ago
CVE-2024-12593 - 4 hours ago
CVE-2025-0439 - 5 hours ago
CVE-2025-0440 - 5 hours ago
CVE-2025-0441 - 5 hours ago
CVE-2025-0442 - 5 hours ago
CVE-2025-0443 - 5 hours ago
CVE-2025-0446 - 5 hours ago
CVE-2025-0447 - 5 hours ago
CVE-2025-0448 - 5 hours ago
CVE-2024-35280 - 5 hours ago
CVE-2025-0193 - 5 hours ago
CVE-2025-0434 - 5 hours ago
CVE-2025-0435 - 5 hours ago
CVE-2025-0436 - 5 hours ago
CVE-2025-0437 - 5 hours ago
CVE-2025-0438 - 5 hours ago
CVE-2024-9636 - 6 hours ago
CVE-2024-10775 - 6 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2023-37931 - 1 day ago
CVE-2023-37936 - 1 day ago
CVE-2023-37937 - 1 day ago
CVE-2023-42785 - 1 day ago
CVE-2023-42786 - 1 day ago
CVE-2023-46715 - 1 day ago
CVE-2024-11497 - 1 day ago
CVE-2024-11863 - 1 day ago
CVE-2024-11864 - 1 day ago
CVE-2024-21758 - 1 day ago
CVE-2024-23106 - 1 day ago
CVE-2024-26012 - 1 day ago
CVE-2024-27778 - 1 day ago
CVE-2024-32115 - 1 day ago
CVE-2024-33502 - 1 day ago
CVE-2024-33503 - 1 day ago
CVE-2024-35273 - 1 day ago
CVE-2024-35275 - 1 day ago
CVE-2024-35276 - 1 day ago
CVE-2024-35277 - 1 day ago