CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,215 vulnerabilities with CWE-200
CVE-2008-0589
IBM AIX 5.2, 5.3, 6.1 - Exposure of Sensitive Information via ps Program
CVE-2008-0395
Kayako SupportSuite 3.11.01 - Exposure of Sensitive Information via syncml/index.php
CVE-2008-0367
Firefox < 2.0.0.11 - Unauthorized Realm Spoofing via HTTP Basic Authentication Dialog
CVE-2008-0297
PhotoKorn - Exposure of Sensitive Database Credentials via Direct Request to update3.php
CVE-2008-0249
PHP Webquest 2.6 - Unauthenticated Database Credential Exposure via Direct Request to admin/backup_phpwebquest.php
CVE-2008-0191
WordPress 2.2.x-2.3.x - Exposure of Sensitive Information via Invalid RSS2 P Parameter
CVE-2008-0195
WordPress < 2.0.11 - Unauthenticated Sensitive Information Exposure via Empty Page Parameter
CVE-2008-0136
Snitz Forums 2000 3.4.05 - Unauthenticated Sensitive Information Exposure via Direct Request to whereami.asp
CVE-2007-6744
Flexera Macrovision InstallShield <2008 - Info Disclosure
CVE-2007-4514
HP ProCurve Manager <2.3 - Info Disclosure
CVE-2007-3650 MEDIUM
myWebland myBloggie 2.1.6 - Exposure of Sensitive Information via Error Messages
CVSS 5.3
CVE-2007-3651 MEDIUM
FaName 1.0 - Exposure of Sensitive Information via id Parameter
CVSS 5.3
CVE-2007-6702
GoAhead Web Server - Info Disclosure
CVE-2007-5333
Apache Tomcat 4.1.0-4.1.35, 5.5.0-5.5.25, 6.0.0-6.0.14 - Session ID Exposure via Cookie Handling
CVE-2007-5958
X.Org Xserver <1.4.1 - Info Disclosure
CVE-2007-5404
Layton HelpBox 3.7.1 - Username Enumeration via Login Error Messages
CVE-2007-6660
2z project 0.9.6.1 - Info Disclosure
CVE-2007-6606
OpenBiblio <0.5.2-pre4 - Info Disclosure
CVE-2007-6607
OpenBiblio <0.5.2-pre4 - Info Disclosure
CVE-2007-6536
Google Toolbar 4-5 beta - Open Redirect
CVE-2007-6524
Opera < 9.25 - Memory Contents Exposure via Crafted BMP File
CVE-2007-6512
PHP MySQL Banner Exchange 2.2.1 - Info Disclosure
CVE-2007-6513
HP eSupportDiagnostics ActiveX control <1.0.11.0 - Info Disclosure
CVE-2007-6514
Apache HTTP Server - Info Disclosure
CVE-2007-6476
GF-3XPLORER 2.4 - Exposure of Sensitive Information via phpinfo.php
Details
Vulnerabilities 10,215
Exploit Likelihood High