CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,213 vulnerabilities with CWE-200
CVE-2008-6961
SeaMonkey < 1.1.13 - Exposure of Sensitive Information via DOM Properties
CVE-2008-6955
mxCamArchive 2.2 - Unauthenticated Exposure of Sensitive Information via Direct Request
CVE-2008-6896
3CX Phone System 6.0.806.0 - Exposure of Sensitive Information via Installation Path Disclosure
CVE-2008-6872
ASPThai.NET ASPThai Forums 8.5 - Unauthenticated Sensitive Information Exposure via Direct Database Download
CVE-2008-6754
The Personal Sticky Threads 1.0.3c - Authenticated Exposure of Sensitive Thread Information via Sticky Toggle
CVE-2008-6737
Crysis < 1.21 - Unauthenticated Exposure of Sensitive Player Information via Keyexchange Packet
CVE-2008-6722
Novell Access Manager 3 SP4 - Exposure of Sensitive Information via SSL Session Cache
CVE-2008-5519
Apache Tomcat JK Connector 1.2.0-1.2.26 - Info Disclosure
CVE-2008-6561
Citrix Presentation Server Client for Windows - Exposure of Sensitive Information in Process Memory
CVE-2008-6537
LightNEasy 1.2 - Unauthenticated Administrator Password Hash Exposure via Setup Action
CVE-2008-6521
OpenTerracotta 0.6.1 - Exposure of Sensitive Information via Invalid File Parameter
CVE-2008-6420
Social Site Generator 2.0 - Unauthenticated Arbitrary File Read via File Parameter
CVE-2008-6387
Quick Tree View .NET 3.1 - Unauthenticated Sensitive Information Exposure via Direct Database File Access
CVE-2008-6342
Lobacher Patrick Simplefilebrowser < 1.0.2 - Information Disclosure
CVE-2008-4308
Apache Tomcat 4.1.32-4.1.34 and 5.5.10-5.5.20 - Information Disclosure via doRead Method
CVE-2008-6279
RakhiSoftware Shopping Cart - Exposure of Sensitive Information via Invalid PHPSESSID Cookie
CVE-2008-6159
Hans Oesterholt Cmme - Information Disclosure
CVE-2008-4560
HP OpenView NNM 7.01/7.51/7.53 Sensitive Information Exposure via nnmRptConfig.exe/ovlaunch.exe
CVE-2008-6063
Microsoft Word 2007 - Info Disclosure
CVE-2008-5936
mini-pub <= 0.3 - Unauthenticated Arbitrary File Read via sFileName Parameter
CVE-2008-5461
BEA Product Suite - Info Disclosure
CVE-2008-5460
BEA Product Suite - Info Disclosure
CVE-2008-5849
Check Point VPN-1 R55-R65 - Info Disclosure
CVE-2008-5828
Microsoft Windows Live Messenger Client <8.5.1 - Info Disclosure
CVE-2008-5498
PHP < 5.2.8 - Exposure of Sensitive Information via imageRotate Function
Details
Vulnerabilities
10,213
Exploit Likelihood
High