Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-497

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

333 vulnerabilities with CWE-497

CVE-2025-64228 MEDIUM

SUMO Affiliates Pro <11.0.0 - Info Disclosure

CVE-2025-43024 HIGH

HP ThinPro - Unauthenticated Exposure of Sensitive System Information via GUI Dialog

CVE-2025-62524 MEDIUM

PILOS < 4.8.0 - PHP Version Exposure via X-Powered-By Header

CVE-2025-62902 MEDIUM

ThemeHunk WP Popup Builder <1.3.7 - Info Disclosure

CVE-2025-34156 MEDIUM

Tibbo AggreGate Network Manager < 6.40.05 - Info Disclosure

CVE-2025-47699 CRITICAL

Gallagher Morpho <9.30.2482, <9.20.2819, <9.10.3672, <9.00.3831, <=...

CVE-2025-59575 MEDIUM

Stylemix MasterStudy LMS <3.6.20 - Info Disclosure

CVE-2025-52752 MEDIUM

ThemeAtelier IDonatePro <2.1.9 - Info Disclosure

CVE-2025-11151 HIGH

CityPLus <V24.29500.1.0 - Info Disclosure

CVE-2025-52616 MEDIUM

HCL Unica 12.1.10 - Info Disclosure

CVE-2025-4614 LOW

Palo Alto Networks PAN-OS - Info Disclosure

CVE-2025-44823 CRITICAL

Nagios Log Server <2024R1.3.2 - Info Disclosure

CVE-2025-59447 LOW

YoSmart YoLink Smart Hub 0382 - Info Disclosure

CVE-2025-58585 MEDIUM

Sick Analytics Products - Information Disclosure

CVE-2025-58583 MEDIUM

SICK Enterprise Analytics - Exposure of Sensitive System Information via H2 Database

CVE-2025-58579 MEDIUM

Sick Analytics Products - User Enumeration via Unauthenticated Endpoint

CVE-2025-60167 MEDIUM

Page Manager for Elementor <2.0.5 - Info Disclosure

CVE-2025-60119 MEDIUM

CoSchedule <3.3.10 - Info Disclosure

CVE-2025-60092 MEDIUM

Shahjada Download Manager <3.3.24 - Info Disclosure

CVE-2025-59582 MEDIUM

Ajax Load More <7.6.0.2 - Info Disclosure

CVE-2025-58015 MEDIUM

Ays Pro Quiz Maker <6.7.0.61 - Info Disclosure

CVE-2025-58007 MEDIUM

NerdPress Social Pug <1.35.1 - Info Disclosure

CVE-2025-57937 MEDIUM

WPeMatico RSS Feed Fetcher <2.8.10 - Info Disclosure

CVE-2025-57916 MEDIUM

Nurul Amin WP System Information <1.5 - Info Disclosure

CVE-2025-36146 MEDIUM

IBM watsonx.data 2.2 - Authenticated Sensitive Information Exposure

Previous Page 6 of 14 Next

Details

Vulnerabilities 333

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy