CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,213 vulnerabilities with CWE-200
CVE-2009-0504
IBM WebSphere Application Server < 7.0 - Exposure of Sensitive Information via WSPolicy IDAssertion
CVE-2009-0437
IBM WebSphere Application Server <6.0.2 - Info Disclosure
CVE-2009-0434
IBM WebSphere Application Server <7.0.0.1 - Info Disclosure
CVE-2009-0453
Online Grades 3.2.4 - Info Disclosure
CVE-2009-0474
Rockwell Automation ControlLogix - Info Disclosure
CVE-2009-0358
Mozilla Firefox <3.0.6 - Info Disclosure
CVE-2009-0274
Novell GroupWise - Exposure of Sensitive Information via Crafted URL
CVE-2009-0391
IBM WebSphere Application Server (WAS) 6.0.1 - Info Disclosure
CVE-2009-0348
Sun Java System Access Manager - Info Disclosure
CVE-2009-0320
Microsoft Windows XP- Vista - Info Disclosure
CVE-2009-0278
Sun Java System AS <8.2 - Info Disclosure
CVE-2009-0123
Apple Safari - Unauthenticated Arbitrary File Read via RSS Feed URL Handler
CVE-2009-0041
Asterisk Business Edition < B.2.5.2 and < C.1.0 - Unauthenticated Username Enumeration via IAX2 Login Response
CVE-2008-5083
MEDIUM
JBoss Operations Network 2.1.0-2.1.2 - Exposure of Sensitive Information
CVSS 6.5
CVE-2008-7292
Bugzilla <2.20.5, <2.22.3, <3.0.3 - Info Disclosure
CVE-2008-7281
OTRS < 2.2.7 - Unauthorized Exposure of Bcc Recipient E-mail Addresses
CVE-2008-7268
SiteEngine 5.x - Exposure of Sensitive Information via phpinfo Action Parameter
CVE-2008-7187
Coppermine Photo Gallery <1.4.14 - Info Disclosure
CVE-2008-7154
Docebo < 3.5.0.3 - Unauthenticated Sensitive Information Exposure via Direct Request
CVE-2008-7146
IntraLearn < 4.2 - Exposure of Sensitive Information via Direct Request to Help Pages
CVE-2008-7143
phpBB 2.0.23 - Session Hijacking via Referer Header Exposure
CVE-2008-7069
All Club CMS <= 0.0.2 - Exposure of Sensitive Information via Direct Request to accms.dat
CVE-2008-7063
Ocean12 FAQ Manager Pro - Unauthenticated Sensitive Data Exposure via Direct Database Request
CVE-2008-6999
phpAuction 3.2 and possibly 3.3.0 GPL Basic - Exposure of Sensitive Information via phpinfo.php
CVE-2008-6981
phpAdultSite CMS - Exposure of Sensitive Information via Invalid results_per_page Parameter
Details
Vulnerabilities
10,213
Exploit Likelihood
High