The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.
157 vulnerabilities with CWE-204
CVE-2021-38476
MEDIUM
InHand Networks IR615 Router <2.3.0.r4870 - Info Disclosure
CVSS 6.5
CVE-2021-39189
MEDIUM
pimcore < 10.1.3 - Username Enumeration via Forgot Password Functionality
CVSS 5.3
CVE-2020-11063
LOW
TYPO3 CMS <10.4.1 - Info Disclosure
CVSS 3.7
CVE-2019-25338
MEDIUM
DokuWiki 2018-04-22b - Info Disclosure
CVSS 5.3
CVE-2019-19030
MEDIUM
Cloud Native Computing Foundation Harbor <1.10.3, <2.0.1 - Info Dis...
CVSS 5.3
CVE-2018-25350
CRITICAL
userSpice 4.3.24 Username Enumeration via existingUsernameCheck.php
CVSS 9.8
CVE-2016-9499
MEDIUM
Accellion FTP Server < FTA_9_12_220 - Username Enumeration via Invalid Login Response
CVSS 5.3
Details
Vulnerabilities
157