CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,205 vulnerabilities with CWE-200
CVE-2011-4850
Parallels Plesk Panel 10.4.4_build20111103.18 - Exposure of Sensitive Information via Missing HTTPOnly Cookie Flag
CVE-2011-4849
Parallels Plesk Panel 10.4.4_build20111103.18 - Exposure of Sensitive Information via Insecure Cookie Transmission
CVE-2011-4848
Parallels Plesk Panel 10.4.4_build20111103.18 - Exposure of Sensitive Information via Password in HTTP Response
CVE-2011-4767
Parallels Plesk Small Business Panel 10.2.0 - Exposure of Sensitive Information via Site Editor Pages
CVE-2011-4766
Parallels Plesk Small Business Panel 10.2.0 - ASP Source Code Exposure via Site Editor Direct Request
CVE-2011-4765
Parallels Plesk Small Business Panel 10.2.0 - Sensitive Information Exposure via Missing HTTPOnly Flag
CVE-2011-4760
Parallels Plesk Small Business Panel 10.2.0 - Exposure of Sensitive Information via Email Address Disclosure
CVE-2011-4759
Parallels Plesk Small Business Panel 10.2.0 - Exposure of Sensitive Information via Referer Log Leakage
CVE-2011-4756
Parallels Plesk Small Business Panel 10.2.0 - Exposure of Sensitive Information via Missing HTTPOnly Cookie Flag
CVE-2011-4751
SmarterStats 6.2.4100 - Cross-Domain Referer Leakage via frmGettingStarted.aspx
CVE-2011-4748
Parallels Plesk Panel 10.3.1_build1013110726.09 - Exposure of Sensitive Information via Billing System Web Pages
CVE-2011-4742
Parallels Plesk Panel 10.2.0 build 20110407.20 - Exposure of Sensitive Information via Email Address Disclosure
CVE-2011-4741
Parallels Plesk Panel 10.2.0 build 20110407.20 - Exposure of Sensitive Information via Database Connection String
CVE-2011-4740
Parallels Plesk Panel 10.2.0 build 20110407.20 - Exposure of Sensitive Information via Cross-Domain Referer Leakage
CVE-2011-4738
Parallels Plesk Panel 10.2.0 - Sensitive Information Exposure via Missing HTTPOnly Flag
CVE-2011-4737
Parallels Plesk Panel 10.2.0 build 20110407.20 - Exposure of Sensitive Information via Password in HTTP Response
CVE-2011-4731
Parallels Plesk Panel 10.2.0_build1011110331.18 - Exposure of Sensitive Information via RFC 1918 IP Address Disclosure
CVE-2011-4728
Parallels Plesk Panel 10.2.0_build101110331.18 - Exposure of Sensitive Information via Insecure Cookie Transmission
CVE-2011-4598
Asterisk 1.6.2.x < 1.6.2.21 and 1.8.x < 1.8.7.2 - Denial of Service via SIP Request Handling
CVE-2011-4597
Asterisk 1.4.x < 1.4.43, 1.6.x < 1.6.2.21, 1.8.x < 1.8.7.2 - Username Enumeration via SIP UDP Response Port Variation
CVE-2011-3404
Microsoft Internet Explorer 6-9 - Info Disclosure
CVE-2011-0291
BlackBerry Tablet OS - Privilege Escalation via Crafted Backup Archive Configuration File
CVE-2011-3179
Novell GroupWise Messenger < 2.0.4 and Messenger 2.1-2.2 - Unauthenticated Arbitrary Memory Read via Crafted Command
CVE-2011-4497
ASUS RT-N56U Firmware < 1.0.1.4 - Unauthenticated Administrator Password Exposure via QIS_wizard.htm
CVE-2011-4457
OWASP HTML Sanitizer < 88 - Information Exposure via FORM Element in NOSCRIPT
Details
Vulnerabilities
10,205
Exploit Likelihood
High