CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,217 vulnerabilities with CWE-200
CVE-2004-1923
Tiki CMS/Groupware < 1.8.1 - Exposure of Sensitive Information via Direct Request to Multiple Scripts
CVE-2003-20001 MEDIUM
Mitel ICP VoIP 3100 - Info Disclosure
CVSS 5.6
CVE-2003-1567 HIGH
Internet Information Services 5.0 - Exposure of Sensitive Information via TRACK Method
CVSS 7.5
CVE-2003-0904
Microsoft Exchange 2003 - Unauthorized Mailbox Access via NTLM Authentication
CVE-2003-1366
OpenBSD 2.0-3.2 - Unauthorized File Read via chpass Hard Link Attack
CVE-2003-1379
ClarkConnect Linux 1.2 - Unauthenticated Sensitive Information Exposure via clarkconnectd Commands
CVE-2003-1398
Cisco IOS 12.0-12.2 - Denial of Service via False ICMP Redirect Messages
CVE-2003-1404
DotBr botbr 0.1 - Unauthenticated Sensitive Information Exposure via config.inc
CVE-2003-1408
Lotus Domino Server 5.0 and 6.0 - Exposure of Sensitive Information via Trailing Dot in Filename
CVE-2003-1409
ej3 topo 1.43 - Exposure of Sensitive Information via Invalid Parameter in in.php or out.php
CVE-2003-1418
Apache HTTP Server 1.3.22-1.3.27 - Sensitive Information Exposure via ETag Header or MIME Boundary
CVE-2003-1468
PHP-Nuke 6.0-6.5 - Unauthenticated Full Web Server Path Exposure via Invalid cid Parameter
CVE-2003-1469
ColdFusion MX - Unauthenticated Sensitive Information Exposure via CFIDE/probe.cfm
CVE-2003-1481
CommuniGate Pro 3.1-4.0.6 - Session Hijacking via Referer Field Exposure
CVE-2003-1486
Phorum 3.4-3.4.2 - Path Disclosure via Error Message
CVE-2003-1517
Dansie shopping_cart - Path Disclosure via Invalid db Parameter
CVE-2003-1526
PHP-Nuke 7.0 - Exposure of Sensitive Information via Search Field Error Message
CVE-2003-1535
Justice Guestbook 1.3 - Exposure of Sensitive Information via cfooter.php3
CVE-2003-1540
Wfchat - Information Disclosure
CVE-2003-1548
MyABraCaDaWeb <= 1.0.2 - Exposure of Sensitive Information via Invalid IDAdmin Parameter
CVE-2003-1550
XOOPS < 2.0 - Exposure of Sensitive Information via Invalid xoopsOption Parameter
CVE-2003-1553
Sips - Information Disclosure
CVE-2003-1555
ScozBook 1.1 BETA - Exposure of Sensitive Information via Invalid PG Parameter
CVE-2003-1559
Microsoft IE - Information Disclosure
CVE-2003-1560
Netscape Navigator - Sensitive Information Exposure via Referer Header
Details
Vulnerabilities 10,217
Exploit Likelihood High