Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-538

CWE-538

Insertion of Sensitive Information into Externally-Accessible File or Directory

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.

90 vulnerabilities with CWE-538

CVE-2023-5937 LOW

Nozomi Networks Arc < 1.6.0 - Sensitive Information Exposure via World-Readable Configuration Files

CVE-2023-4595 HIGH

Seattlelab SLMail - Information Exposure

CVE-2023-46723 HIGH

lte-pic32-writer <0.0.1 - Info Disclosure

CVE-2023-38558 MEDIUM

SIMATIC PCS neo Administration Console V4.0 and V4.0 Update 1 - Credential Leak via Windows Admin Credential Exposure

CVE-2023-4480 MEDIUM

phpfusion < 9.10.30 - Path Traversal and Arbitrary File Write via Fusion File Manager

CVE-2023-28444 CRITICAL

angular-server-side-configuration - Info Disclosure

CVE-2022-43933 MEDIUM

Brocade SANnav <2.2.2 - Info Disclosure

CVE-2022-4318 HIGH

cri-o < 1.26.0 - Arbitrary File Write via Environment Variable

CVE-2022-26329 LOW

NetIQ Identity Manager <4.8.5 - Info Disclosure

CVE-2022-23508 HIGH

Weave GitOps - Privilege Escalation

CVE-2022-44623 MEDIUM

JetBrains TeamCity <2022.10 - Info Disclosure

CVE-2022-20864 MEDIUM

Cisco IOS XE ROM Monitor - Unauthenticated Sensitive Information Exposure via Console Commands

CVE-2022-0013 MEDIUM

Cortex XDR Agent 5.0-5.0.11, 6.1-6.1.8, 7.2-7.2.3, 7.3-7.3.1 - Arbitrary File Read via Support File

CVE-2021-4471 HIGH

TG8 Firewall - Unauthenticated Credential Exposure via HTTP Directory Traversal

CVE-2021-40363 HIGH

SIMATIC PCS 7, WinCC - Info Disclosure

CVE-2021-3709 MEDIUM

apport Path Traversal in check_attachment_for_errors()

CVE-2021-32822 MEDIUM

hbs - File Disclosure via Express Render API Configuration Overwrite

CVE-2021-1406 MEDIUM

Cisco Unified Communications Manager - Authenticated Exposure of Sensitive Information via Downloadable Files

CVE-2021-21250 HIGH

OneDev < 4.0.3 - Arbitrary File Read via XML External Entity Injection in BuildSpec

CVE-2020-37104 HIGH

ASTPP 4.0.1 - Unauthenticated Sensitive Information Disclosure via Database Backup Download

CVE-2019-25717 MEDIUM

Dräger Infinity Delta/Kappa Patient Monitors Unauthenticated Log File Disclosure

CVE-2019-25706 HIGH

Across DR-810 ROM-0 Unauthenticated File Disclosure

CVE-2019-15793 MEDIUM

Linux kernel <5.3 - Privilege Escalation

CVE-2019-6851 HIGH

Schneider Electric Modicon M580, M340, Premium, Quantum - File and Directory Information Exposure via TFTP Protocol

CVE-2019-7618 MEDIUM

Elastic Code <7.3.2 - Info Disclosure

Previous Page 3 of 4 Next

Details

Vulnerabilities 90

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy