CyberSec.Space Logo
Back to CVE Browser

CVE-2007-1160

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1490%
EPSS Percentile5.22th
PublishedMar 2, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

webSPELL 4.0, and possibly later versions, allows remote attackers to bypass authentication via a ws_auth cookie, a different vulnerability than CVE-2006-4782.

Affected Platforms (CPE)

πŸ“¦
Webspell

Webspell

= 4.0

References & Advisories

πŸ”— http://osvdb.org/33143
πŸ”— http://securityreason.com/securityalert/2337
πŸ”— http://www.securityfocus.com/archive/1/460937/100/0/threaded
πŸ”— http://osvdb.org/33143
πŸ”— http://securityreason.com/securityalert/2337
πŸ”— http://www.securityfocus.com/archive/1/460937/100/0/threaded

Related Vulnerabilities

CVE-2006-53887.5

SQL injection vulnerability in index.php in WebSPELL 4.01.01 and earlier allows remote attackers to execute arbitrary SQL commands...

CVE-2007-04927.5

Multiple SQL injection vulnerabilities in gallery.php in webSPELL 4.01.02 and earlier allow remote attackers to execute arbitrary ...

CVE-2006-07287.5

SQL injection vulnerability in search.php in webSPELL 4.01.00 and earlier allows remote attackers to inject arbitrary SQL commands...

CVE-2007-05027.5

SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows remote attackers to execute arbitrary SQL commands via the p...