CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,209 vulnerabilities with CWE-200
CVE-2009-4961
lanai-core 0.6 - Exposure of Sensitive Information via info.php
CVE-2009-4951
alternet_csa_out < 0.3.0 - Exposure of Sensitive Information
CVE-2009-4943
AdPeeps 8.5d1 - Exposure of Sensitive Information via Invalid UID Parameter
CVE-2009-4844
ToutVirtual VirtualIQ Pro 3.2 build 7882 - Unauthenticated Sensitive Information Exposure via Tomcat Status Endpoint
CVE-2009-4812
Wolfram webMathematica - Information Exposure via MSP Script Direct Request
CVE-2009-4511
TANDBERG VCS <X5.1 - Path Traversal
CVE-2009-4630
Mozilla Firefox - DNS Prefetching Information Exposure via Local HTML Links
CVE-2009-4629
SeaMonkey and Thunderbird - Unauthorized DNS Prefetching Exposure
CVE-2009-4609
Mort Bay Jetty <7.0.0 - Info Disclosure
CVE-2009-4535
Mongoose < 2.8.0 - Unauthenticated Source Code Exposure via URI Trailing Slash
CVE-2009-4533
Drupal Webform <5.2.8 & <6.2.8 - Info Disclosure
CVE-2009-4531
jasper/httpdx <= 1.4.4 - Exposure of Sensitive Information via URI Dot Character
CVE-2009-4530
Mongoose < 2.8 - Unauthenticated Source Code Disclosure via ::$DATA URI Suffix
CVE-2009-4529
InterVations NaviCOPA Web Server <3.0.1.2 - Info Disclosure
CVE-2009-4466
DeluxeBB 1.3 - Exposure of Sensitive Information via Page Parameter
CVE-2009-4145
nm-connection-editor <0.7 - Info Disclosure
CVE-2009-4357
IBM Rational ClearQuest <7.1.1 - Info Disclosure
CVE-2009-3987
Mozilla Firefox <3.0.16 & SeaMonkey <2.0.1 - Info Disclosure
CVE-2009-4333
IBM DB2 9.5 - Exposure of Sensitive Information via GET SNAPSHOT FOR DYNAMIC SQL Command
CVE-2009-4326
IBM DB2 <9.5 FP5, <9.7 FP1 - Info Disclosure
CVE-2009-4303
Moodle <1.8.11-1.9.7 - Info Disclosure
CVE-2009-4300
Moodle <1.8.11-1.9.7 - Info Disclosure
CVE-2009-4298
Moodle <1.8.11-1.9.7 - Info Disclosure
CVE-2009-3554
Red Hat JBoss EAP 4.2-4.2.0.CP08/4.3-4.3.0.CP07 Sensitive Info Exposure via Twiddle Log
CVE-2009-4322
Zen Cart - Exposure of Sensitive Information via Direct Request to extras/ipn_test_return.php
Details
Vulnerabilities 10,209
Exploit Likelihood High