CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
8,612 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-200 (page 1 of 173)
- CVE-1999-0059 | HIGH | CVSS 7.3 | EG 7.3 | 1997-07-14
IRIX fam service allows an attacker to obtain a list of all files on the server.
- CVE-1999-0236 | HIGH | CVSS 7.5 | EG 7.5 | 1997-01-01
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
- CVE-1999-0348 | NONE | CVSS 0.0 | EG 0.0 | 1999-01-27
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
- CVE-1999-0372 | NONE | CVSS 0.0 | EG 0.0 | 1999-02-12
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.
- CVE-1999-0453 | NONE | CVSS 0.0 | EG 0.0 | 1999-01-01
An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP).
- CVE-1999-0468 | HIGH | CVSS 8.2 | EG 8.2 | 1999-04-09
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.
- CVE-1999-0511 | CRITICAL | CVSS 9.1 | EG 9.1 | 1997-01-01
IP forwarding is enabled on a machine which is not a router or firewall.
- CVE-1999-0517 | MEDIUM | CVSS 5.9 | EG 9.0 | 1997-01-01
An SNMP community name is the default (e.g. public), null, or missing.
- CVE-1999-0524 | MEDIUM | CVSS 4.0 | EG 4.0 | 1997-08-01
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
- CVE-1999-0605 | NONE | CVSS 0.0 | EG 0.0 | 1999-04-01
An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information.
- CVE-1999-0606 | NONE | CVSS 0.0 | EG 0.0 | 1999-04-01
An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclose private information.
- CVE-1999-0632 | HIGH | CVSS 7.3 | EG 7.3 | 1999-01-01
The RPC portmapper service is running.
- CVE-1999-0877 | NONE | CVSS 0.0 | EG 0.0 | 1999-10-01
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME.
- CVE-1999-1136 | NONE | CVSS 0.0 | EG 0.0 | 1998-07-30
Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.
- CVE-1999-1462 | NONE | CVSS 0.0 | EG 0.0 | 1999-12-31
Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attackers to read portions of arbitrary files.
- CVE-2000-0132 | NONE | CVSS 0.0 | EG 0.0 | 2000-01-31
Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function.
- CVE-2000-0368 | NONE | CVSS 0.0 | EG 0.0 | 2001-03-12
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
- CVE-2000-0588 | NONE | CVSS 0.0 | EG 0.0 | 2000-06-26
SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands.
- CVE-2000-0649 | NONE | CVSS 0.0 | EG 0.0 | 2000-07-13
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
- CVE-2000-0759 | NONE | CVSS 0.0 | EG 0.0 | 2000-10-20
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
- CVE-2000-0876 | NONE | CVSS 0.0 | EG 0.0 | 2000-11-14
WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server via a "%C" command, which generates an error message that includes the pathname.
- CVE-2001-1387 | NONE | CVSS 0.0 | EG 0.0 | 2001-11-05
iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--reject-with tcp-reset," which causes iptables to generate different responses than specified by the administrator, possibly leading to an in…
- CVE-2002-0419 | NONE | CVSS 0.0 | EG 0.0 | 2002-08-12
Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP addres…
- CVE-2002-0422 | NONE | CVSS 0.0 | EG 0.0 | 2002-08-12
IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF …
- CVE-2002-0596 | NONE | CVSS 0.0 | EG 0.0 | 2002-06-18
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web server via a GET request to get_od_toc.pl with an empty Profile parameter, which leaks the pathname in an error message.
- CVE-2002-0812 | NONE | CVSS 0.0 | EG 0.0 | 2002-08-12
Information leak in Compaq WL310, and the Orinoco Residential Gateway access point it is based on, uses a system identification string as a default SNMP read/write community string, which allows remote attackers to obtain and modify sensit…
- CVE-2002-1432 | NONE | CVSS 0.0 | EG 0.0 | 2003-04-11
MidiCart stores the midicart.mdb database file under the Web document root, which allows remote attackers to steal sensitive information by directly requesting the database.
- CVE-2002-1717 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information via a GET request to (1) /_vti_pvt/access.cnf, (2) /_vti_pvt/botinfs.cnf, (3) /_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf.
- CVE-2002-1718 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences.
- CVE-2002-2276 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physical path of the message board via a direct request to add.php, which leaks the path in an error message.
- CVE-2002-2288 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.
- CVE-2002-2289 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain sensitive information including ODBC passwords.
- CVE-2002-2317 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method.
- CVE-2002-2342 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information via a direct reques…
- CVE-2002-2346 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses.
- CVE-2002-2349 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information.
- CVE-2002-2369 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
Perception LiteServe 2.0 allows remote attackers to read password protected files via a leading "/./" in a URL.
- CVE-2002-2380 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic.
- CVE-2002-2409 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name is a hex-encoded user ID.
- CVE-2002-2410 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks a…
- CVE-2002-2435 | NONE | CVSS 0.0 | EG 0.0 | 2011-12-07
The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a …
- CVE-2002-2436 | NONE | CVSS 0.0 | EG 0.0 | 2011-12-07
The Cascading Style Sheets (CSS) implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive informati…
- CVE-2003-0001 | NONE | CVSS 0.0 | EG 0.0 | 2003-01-17
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Ethe…
- CVE-2003-0456 | NONE | CVSS 0.0 | EG 0.0 | 2003-08-18
VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a request containing a folder that does not exist, which leaks the pathname in an error message, as demonstrated using _vti_bin/fpcount.exe.
- CVE-2003-0904 | NONE | CVSS 0.0 | EG 0.0 | 2004-01-20
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an au…
- CVE-2003-1366 | NONE | CVSS 0.0 | EG 0.0 | 2003-12-31
chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information.
- CVE-2003-1379 | NONE | CVSS 0.0 | EG 0.0 | 2003-12-31
clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information about the server via the characters (1) A, which reveals the date and time, (2) F, (3) M, which reveals 'ifconfig' information, (4) P, which li…
- CVE-2003-1398 | NONE | CVSS 0.0 | EG 0.0 | 2003-12-31
Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification).
- CVE-2003-1404 | NONE | CVSS 0.0 | EG 0.0 | 2003-12-31
DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords.
- CVE-2003-1408 | NONE | CVSS 0.0 | EG 0.0 | 2003-12-31
Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot.