CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,213 vulnerabilities with CWE-200
CVE-2008-6961
SeaMonkey < 1.1.13 - Exposure of Sensitive Information via DOM Properties
CVE-2008-6955
mxCamArchive 2.2 - Unauthenticated Exposure of Sensitive Information via Direct Request
CVE-2008-6896
3CX Phone System 6.0.806.0 - Exposure of Sensitive Information via Installation Path Disclosure
CVE-2008-6872
ASPThai.NET ASPThai Forums 8.5 - Unauthenticated Sensitive Information Exposure via Direct Database Download
CVE-2008-6754
The Personal Sticky Threads 1.0.3c - Authenticated Exposure of Sensitive Thread Information via Sticky Toggle
CVE-2008-6737
Crysis < 1.21 - Unauthenticated Exposure of Sensitive Player Information via Keyexchange Packet
CVE-2008-6722
Novell Access Manager 3 SP4 - Exposure of Sensitive Information via SSL Session Cache
CVE-2008-5519
Apache Tomcat JK Connector 1.2.0-1.2.26 - Info Disclosure
CVE-2008-6561
Citrix Presentation Server Client for Windows - Exposure of Sensitive Information in Process Memory
CVE-2008-6537
LightNEasy 1.2 - Unauthenticated Administrator Password Hash Exposure via Setup Action
CVE-2008-6521
OpenTerracotta 0.6.1 - Exposure of Sensitive Information via Invalid File Parameter
CVE-2008-6420
Social Site Generator 2.0 - Unauthenticated Arbitrary File Read via File Parameter
CVE-2008-6387
Quick Tree View .NET 3.1 - Unauthenticated Sensitive Information Exposure via Direct Database File Access
CVE-2008-6342
Lobacher Patrick Simplefilebrowser < 1.0.2 - Information Disclosure
CVE-2008-4308
Apache Tomcat 4.1.32-4.1.34 and 5.5.10-5.5.20 - Information Disclosure via doRead Method
CVE-2008-6279
RakhiSoftware Shopping Cart - Exposure of Sensitive Information via Invalid PHPSESSID Cookie
CVE-2008-6159
Hans Oesterholt Cmme - Information Disclosure
CVE-2008-4560
HP OpenView NNM 7.01/7.51/7.53 Sensitive Information Exposure via nnmRptConfig.exe/ovlaunch.exe
CVE-2008-6063
Microsoft Word 2007 - Info Disclosure
CVE-2008-5936
mini-pub <= 0.3 - Unauthenticated Arbitrary File Read via sFileName Parameter
CVE-2008-5461
BEA Product Suite - Info Disclosure
CVE-2008-5460
BEA Product Suite - Info Disclosure
CVE-2008-5849
Check Point VPN-1 R55-R65 - Info Disclosure
CVE-2008-5828
Microsoft Windows Live Messenger Client <8.5.1 - Info Disclosure
CVE-2008-5498
PHP < 5.2.8 - Exposure of Sensitive Information via imageRotate Function
Details
Vulnerabilities 10,213
Exploit Likelihood High