CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,205 vulnerabilities with CWE-200
CVE-2011-3769
PHPads 2.0 - Exposure of Sensitive Information via Direct Request to .php Files
CVE-2011-3768
Phorum 5.2.15a - Exposure of Sensitive Information via Direct Request to PHP Files
CVE-2011-3767
osCommerce 3.0a5 - Exposure of Sensitive Information via Direct Request to PHP Files
CVE-2011-3766
OrangeHRM 2.6.0.2 - Info Disclosure
CVE-2011-3765
Open-Realty 2.5.8 - Info Disclosure
CVE-2011-3764
OpenDocMan 1.2.6-svn-2011-01-21 - Info Disclosure
CVE-2011-3763
OpenCart <1.4.9.3 - Info Disclosure
CVE-2011-3762
OpenBlog 1.2.1 - Exposure of Sensitive Information via Direct Request to PHP Files
CVE-2011-3761
NuSOAP 0.9.5 - Exposure of Sensitive Information via Direct Request to .php Files
CVE-2011-3760
Nucleus CMS 3.61 - Exposure of Sensitive Information via Direct PHP File Request
CVE-2011-3759
MyBB 1.6 - Exposure of Sensitive Information via Direct Request to PHP Files
CVE-2011-3758
::mound:: 2.1.6 - Info Disclosure
CVE-2011-3757
Moodle 2.0.1 - Exposure of Sensitive Information via Direct Request to PHP Files
CVE-2011-3756
MicroBlog 0.9.5 - Exposure of Sensitive Information via Direct PHP File Request
CVE-2011-3755
MantisBT 1.2.4 - Exposure of Sensitive Information via Direct PHP File Request
CVE-2011-3754
Mambo 4.6.5 - Exposure of Sensitive Information via Direct Request to PHP Files
CVE-2011-3753
LinPHA 1.3.4 - Exposure of Sensitive Information via Direct PHP File Request
CVE-2011-3752
LimeSurvey <build9642-20101214 - Info Disclosure
CVE-2011-3751
LifeType 1.2.10 - Unauthenticated Sensitive Information Exposure via Direct PHP File Request
CVE-2011-3750
kPlaylist 1.8.502 - Info Disclosure
CVE-2011-3749
ka-Map <1.0-20070205 - Info Disclosure
CVE-2011-3748
Kamads Classifieds 2_B3 - Info Disclosure
CVE-2011-3747
Joomla! 1.6.0 - Exposure of Sensitive Information via Direct PHP File Request
CVE-2011-3746
Jcow 4.2.1 - Exposure of Sensitive Information via Direct PHP File Request
CVE-2011-3745
HycusCMS 1.0.3 - Exposure of Sensitive Information via Direct Request to PHP Files
Details
Vulnerabilities 10,205
Exploit Likelihood High