Which option is a list of publicly disclosed information security defects?

| Vulnerability Name | CVE | CWE | Severity |
|---|---|---|---|
| .htaccess file readable | | CWE-443 | Medium |
| Access database found | | CWE-538 | Medium |
| Adminer 4.6.2 file disclosure vulnerability | | CWE-22 | High |
| Adobe ColdFusion directory traversal | CVE-2013-3336 | CWE-22 | High |
| Amazon S3 public bucket | | CWE-264 | Medium |
| Amazon S3 publicly writable bucket | | CWE-264 | High |
| Apache 2.x version older than 2.0.48 | CVE-2003-0542 CVE-2003-0789 | CWE-119 | Medium |
| Apache Axis2 administration console weak password | | CWE-200 | High |
| Apache Axis2 information disclosure | | CWE-200 | Medium |
| Apache Axis2 web services enumeration | | CWE-200 | Low |
| Apache balancer-manager application publicly accessible | | CWE-200 | Medium |
| Apache httpOnly cookie disclosure | CVE-2012-0053 | CWE-264 | Medium |
| Apache mod_negotiation filename bruteforcing | | CWE-538 | Low |
| Apache perl-status enabled | | CWE-200 | Medium |
| Apache server-info enabled | | CWE-200 | Medium |
| Apache server-status enabled | | CWE-200 | Medium |
| Apache Solr endpoint | | CWE-200 | Low |
| Apache solr service exposed | | CWE-200 | High |
| Apache stronghold-info enabled | | CWE-200 | Low |
| Apache stronghold-status enabled | | CWE-200 | Low |
| Apache Tomcat examples directory vulnerabilities | | CWE-264 | Medium |
| Apache Tomcat Information Disclosure CVE-2017-7674 | CVE-2017-12616 | CWE-200 | High |
| Apache Tomcat version older than 4.1.37 | CVE-2005-3164 CVE-2007-1355 CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3383 CVE-2007-3385 CVE-2007-5333 CVE-2007-5461 | CWE-79 | Medium |
| Apache Tomcat version older than 6.0.11 | CVE-2005-2090 CVE-2007-1355 | CWE-79 | Medium |
| Apache Tomcat version older than 6.0.35 | CVE-2011-3190 CVE-2011-3375 CVE-2012-0022 | CWE-264 | High |
| Apache Tomcat version older than 7.0.21 | CVE-2011-3190 | CWE-264 | High |
| apc.php page found | | CWE-538 | Medium |
| Application error messages | | CWE-209 | Medium |
| Arbitrary file existence disclosure in Action Pack | CVE-2014-7829 | CWE-200 | Medium |
| ASP.NET application trace enabled | | CWE-215 | Medium |
| ASP.NET custom errors disabled | | CWE-12 | Medium |
| ASP.NET debugging enabled | | CWE-11 | Low |
| ASP.NET diagnostic page | | CWE-200 | Medium |
| ASP.NET error message | | CWE-12 | Medium |
| ASP.NET MVC version disclosure | | CWE-200 | Low |
| ASP.NET path disclosure | | CWE-200 | Low |
| ASP.NET version disclosure | | CWE-200 | Low |
| Atlassian Confluence Access Restriction Bypass | CVE-2017-9505 | | Medium |
| Atlassian Confluence information disclosure | CVE-2017-7415 | | High |
| Atlassian Confluence Stored Cross Site Scripting | CVE-2016-6283 | | Medium |
| Atlassian Jira Manage Filters information disclosure | | CWE-200 | Low |
| AWStats script | | CWE-538 | Medium |
| Backup files | | CWE-538 | Medium |
| Bazaar repository found | | CWE-538 | High |
| Chrome Logger information disclosure | | CWE-200 | Medium |
| ColdFusion path disclosures | | CWE-200 | Low |
| ColdFusion Request Debugging information disclosure | | CWE-200 | Medium |
| ColdFusion Robust Exception enabled | | CWE-200 | Medium |
| Configuration file disclosure | | CWE-538 | High |
| Configuration file source code disclosure | | CWE-538 | High |
| Core dump checker PHP script | | CWE-200 | Medium |
| Core dump file | | CWE-200 | High |
| Credit card number disclosed | | CWE-200 | Medium |
| CVS web repository | | CWE-527 | High |
| Database connection string disclosure | | CWE-200 | Medium |
| Development configuration files | | CWE-538 | Medium |
| Devise weak password | | CWE-200 | High |
| Directory listings | | CWE-538 | Medium |
| Django debug mode enabled | | CWE-200 | Medium |
| Documentation files | | CWE-538 | Low |
| Dotenv .env file | | CWE-538 | High |
| Drupal 7 arbitrary PHP code execution and information disclosure | CVE-2012-4553 CVE-2012-4554 | CWE-264 | High |
| Drupal Backup Migrate directory publicly accessible | | CWE-538 | High |
| Drupal Core 5.x Information Disclosure [5.0 - 5.18] | CVE-2009-2374 | CWE-200 | High |
| Drupal Core 6.x Information Disclosure [6.0 - 6.30] | CVE-2014-2983 | CWE-200 | High |
| Drupal Core 7.x Information Disclosure [7.0 - 7.14] | CVE-2012-2922 | CWE-200 | High |
| Drupal Core 7.x Information Disclosure [7.0 - 7.26] | CVE-2014-2983 | CWE-200 | High |
| Drupal Core 8.8.x Information Disclosure [8.8.0 - 8.8.9] | CVE-2020-13670 | CWE-200 | High |
| Drupal Core 8.9.x Information Disclosure [8.9.0 - 8.9.5] | CVE-2020-13670 | CWE-200 | High |
| Drupal Core 8.x.x Information Disclosure [8.0.0 - 8.7.14] | CVE-2020-13670 | CWE-200 | High |
| Drupal Core 9.0.x Information Disclosure [9.0.0 - 9.0.5] | CVE-2020-13670 | CWE-200 | High |
| Drupal Views module information disclosure vulnerability | | CWE-200 | Medium |
| Elasticsearch service accessible | | CWE-200 | High |
| elmah.axd information disclosure | | CWE-209 | Medium |
| Email addresses | | CWE-200 | Informational |
| Error messages | | CWE-209 | Medium |
| Error page path disclosure | | CWE-200 | Low |
| Error page web server version disclosure | | CWE-200 | Informational |
| File Content Disclosure in Action View | CVE-2019-5418 | CWE-200 | High |
| Folder backup | | CWE-538 | Medium |
| Frontpage authors.pwd available | | CWE-538 | Medium |
| Frontpage extensions enabled | | CWE-16 | Medium |
| Full public read access Azure blob storage | | CWE-264 | Medium |
| Git repository found | | CWE-527 | High |
| GlassFish admin console weak credentials | | CWE-693 | High |
| Global.asa backup file found | | CWE-538 | Medium |
| Golang runtime profiling data | | CWE-200 | Medium |
| HTML Form found in redirect page | | CWE-287 | Low |
| IBM Web Content Manager XPath injection | CVE-2013-6735 | CWE-264 | High |
| IBM WebSphere/WebLogic application source file exposure | | CWE-200 | High |
| IBM WebSphere administration console weak password | | CWE-200 | High |
| Insecure transition from HTTPS to HTTP in form post | | CWE-200 | Low |
| Insecure transition from HTTP to HTTPS in form post | | CWE-200 | Medium |
| Internal IP address disclosure | | CWE-200 | Informational |
| Internet Information Server returns IP address in HTTP header [Content-Location] | | CWE-200 | Low |
| JBoss BSHDeployer MBean | | CWE-200 | High |
| JBoss HttpAdaptor JMXInvokerServlet | | CWE-94 | High |
| JBoss JMX Console Unrestricted Access | | CWE-200 | High |
| JBoss JMX management console | | CWE-200 | High |
| JBoss Seam remoting vulnerabilities | CVE-2013-6447 CVE-2013-6448 | CWE-611 | High |
| JBoss ServerInfo MBean | CVE-2010-0738 | CWE-200 | High |
| JBoss Server MBean | | CWE-200 | High |
| JBoss status servlet information leak | CVE-2010-1429 | CWE-200 | Medium |
| JBoss Web Console JMX Invoker | | CWE-200 | High |
| JBoss web service console | | CWE-200 | Low |
| Jenkins dashboard | | CWE-200 | Medium |
| Jenkins user enumeration | | CWE-200 | Low |
| Jenkins weak password | | CWE-200 | High |
| JetBrains .idea project directory | | CWE-538 | Medium |
| JetLeak vulnerability | CVE-2015-2080 | CWE-200 | High |
| Joe Editor DEADJOE file | | CWE-538 | Low |
| Joomla! Core 1.5.x Information Disclosure [1.5.0 - 1.5.11] | CVE-2011-4911 | CWE-200 | High |
| Joomla! Core 1.5.x Information Disclosure [1.5.0 - 1.5.12] | | CWE-200 | High |
| Joomla! Core 1.5.x Information Disclosure [1.5.0 - 1.5.14] | | CWE-200 | High |
| Joomla! Core 1.5.x Information Disclosure [1.5.0 - 1.5.15] | CVE-2010-1432 | CWE-200 | High |
| Joomla! Core 1.5.x Information Disclosure [1.5.0 - 1.5.23] | CVE-2011-3629 | CWE-200 | High |
| Joomla! Core 1.5.x Information Disclosure [1.5.0 - 1.5.25] | CVE-2012-1599 | CWE-264 | High |
| Joomla! Core 1.6.x Information Disclosure [1.6.0 - 1.6.3] | | CWE-200 | High |
| Joomla! Core 1.6.x Information Disclosure [1.6.0 - 1.6.6] | CVE-2012-0821 | CWE-200 | High |
| Joomla! Core 1.6.x Information Disclosure [1.6.0 - 1.6.6] | CVE-2012-0819 | CWE-200 | High |
| Joomla! Core 1.7.0 Information Disclosure [1.7.0 - 1.7.0] | | CWE-200 | High |
| Joomla! Core 1.7.x Information Disclosure [1.7.0 - 1.7.1] | CVE-2011-4937 | CWE-200 | High |
| Joomla! Core 1.7.x Information Disclosure [1.7.0 - 1.7.1] | CVE-2011-3629 | CWE-200 | High |
| Joomla! Core 1.7.x Information Disclosure [1.7.0 - 1.7.3] | CVE-2012-0819 | CWE-200 | High |
| Joomla! Core 1.7.x Information Disclosure [1.7.0 - 1.7.3] | CVE-2012-0821 | CWE-200 | High |
| Joomla! Core 1.7.x Information Disclosure [1.7.0 - 1.7.4] | CVE-2012-0837 | CWE-200 | High |
| Joomla! Core 1.7.x Information Disclosure [1.7.0 - 1.7.4] | CVE-2012-0835 | CWE-200 | High |
| Joomla! Core 1.7.x Information Disclosure [1.7.0 - 1.7.4] | CVE-2012-0836 | CWE-200 | High |
| Joomla! Core 2.5.0 Information Disclosure [2.5.0 - 2.5.0] | CVE-2012-0835 | CWE-200 | High |
| Joomla! Core 2.5.0 Information Disclosure [2.5.0 - 2.5.0] | CVE-2012-0837 | CWE-200 | High |
| Joomla! Core 2.5.x Information Disclosure [2.5.0 - 2.5.3] | CVE-2012-1611 | CWE-200 | High |
| Joomla! Core 2.5.x Information Disclosure [2.5.0 - 2.5.4] | CVE-2012-2748 | CWE-200 | High |
| Joomla! Core 2.5.x Information Disclosure [2.5.0 - 2.5.8] | CVE-2013-1453 | CWE-200 | High |
| Joomla! Core 2.5.x Information Disclosure [2.5.0 - 2.5.9] | CVE-2013-3057 | CWE-200 | High |
| Joomla! Core 3.0.x Information Disclosure [3.0.0 - 3.0.2] | CVE-2013-1454 | CWE-200 | High |
| Joomla! Core 3.0.x Information Disclosure [3.0.0 - 3.0.2] | CVE-2013-1453 | CWE-200 | High |
| Joomla! Core 3.0.x Information Disclosure [3.0.0 - 3.0.2] | CVE-2013-1455 | CWE-200 | High |
| Joomla! Core 3.0.x Information Disclosure [3.0.0 - 3.0.3] | CVE-2013-3057 | CWE-200 | High |
| Joomla! Core 3.7.x Information Disclosure [3.7.0 - 3.7.5] | CVE-2017-14595 | CWE-200 | High |
| Joomla! Core 3.9.x Information Disclosure [3.9.0 - 3.9.22] | CVE-2020-35614 | CWE-200 | High |
| Joomla! Core 3.x.x Information Disclosure [3.0.0 - 3.8.7] | CVE-2018-11325 | CWE-200 | High |
| Joomla! Core 3.x.x Information Disclosure [3.0.0 - 3.9.19] | CVE-2020-15698 | CWE-200 | High |
| Joomla! Core 3.x.x Information Disclosure [3.1.0 - 3.8.7] | CVE-2018-11327 | CWE-200 | High |
| Joomla! Core 3.x.x Information Disclosure [3.4.0 - 3.6.5] | CVE-2017-8057 | CWE-200 | High |
| Joomla! Core 3.x.x Information Disclosure [3.6.0 - 3.9.12] | CVE-2019-18674 | CWE-200 | High |
| Joomla! Core 3.x.x Information Disclosure [3.7.0 - 3.8.1] | CVE-2017-16633 | CWE-200 | High |
| Joomla! Core 3.x.x Information Disclosure [3.8.0 - 3.9.13] | CVE-2019-19845 | CWE-200 | High |
| Joomla! Core Information Disclosure [1.5.0 - 3.7.5] | CVE-2017-14596 | CWE-200 | High |
| Joomla! Core Information Disclosure [1.5.0 - 3.8.1] | CVE-2017-14596 | CWE-200 | High |
| Joomla! Core Information Disclosure [2.5.0 - 3.9.22] | CVE-2020-35611 | CWE-200 | High |
| Joomla! Core Information Disclosure [2.5.0 - 3.9.22] | CVE-2020-35610 | CWE-200 | High |
| JSONP enabled by default in MappingJackson2JsonView | CVE-2018-11040 | CWE-538 | Medium |
| JVM version leakage | | CWE-200 | Informational |
| Laravel log file publicly accessible | | CWE-538 | Medium |
| Macromedia Dreamweaver remote database scripts | CVE-2004-1893 | CWE-200 | High |
| Magento Cacheleak | | CWE-200 | High |
| MantisBT multiple security issues | CVE-2014-9571 CVE-2014-9572 CVE-2014-9573 CVE-2014-9624 CVE-2015-1042 | CWE-200 | High |
| Mercurial repository found | | CWE-538 | High |
| Microsoft Frontpage configuration information | | CWE-200 | Informational |
| Microsoft IIS5 NTLM and Basic authentication bypass | CVE-2007-2815 | CWE-264 | High |
| Microsoft IIS Server service.cnf file found | | CWE-538 | Low |
| Microsoft IIS tilde directory enumeration | | CWE-20 | High |
| Microsoft IIS version disclosure | | CWE-200 | Informational |
| Microsoft Office possible sensitive information | | CWE-200 | Low |
| Minify arbitrary file disclosure | CVE-2013-6619 | CWE-538 | High |
| MongoDB HTTP status interface | | CWE-200 | Medium |
| Multiple vulnerabilities in Ioncube loader-wizard.php | | CWE-552 | High |
| MySQL connection credentials | | CWE-538 | High |
| MySQL username disclosure | | CWE-538 | Low |
| Nginx memory disclosure with specially crafted HTTP backend responses | CVE-2012-1180 | CWE-399 | High |
| nginx range filter integer overflow | CVE-2017-7529 | CWE-200 | Medium |
| npm log file publicly accessible [npm-debug.log] | | CWE-200 | Medium |
| OData feed accessible anonymously | | CWE-200 | Low |
| Oracle applications logs publicly available | | CWE-200 | Medium |
| Oracle JavaServer Faces multiple vulnerabilities | CVE-2013-3827 | CWE-22 | High |
| Oracle Reports Services RWServlet environment variables disclosure | | CWE-200 | Low |
| Padding oracle attack | | CWE-209 | High |
| Password field submitted using GET method | | CWE-200 | Medium |
| PHP-CGI remote code execution | CVE-2012-1823 CVE-2012-2311 | CWE-20 | High |
| PHP-CS-Fixer cache file publicly accessible [.php_cs.cache] | | CWE-200 | Medium |
| PHP-FPM Status Page | | CWE-200 | Medium |
| PHP curl_exec[] url is controlled by user | CVE-2009-0037 | CWE-352 | Medium |
| PHP errors enabled | | CWE-209 | Medium |
| PHPinfo page | | CWE-200 | Medium |
| PHPinfo pages | | CWE-200 | Medium |
| PHP opcache-status page publicly accessible | | CWE-200 | Medium |
| Possible database backup | | CWE-538 | High |
| Possible sensitive directories | | CWE-200 | Low |
| Possible sensitive files | | CWE-200 | Low |
| Possible server path disclosure [Unix] | | CWE-200 | Informational |
| Possible server path disclosure [Windows] | | CWE-200 | Informational |
| Possible social security number disclosed | | CWE-200 | Medium |
| Possible SQL Statement in comment | | CWE-200 | Low |
| Possible username or password disclosure | | CWE-200 | Informational |
| Possible virtual host found | | CWE-200 | Low |
| rack-mini-profiler environment variables disclosure | | CWE-287 | Medium |
| Rails controller possible sensitive information disclosure | | CWE-200 | Medium |
| Reachable SharePoint interface | | CWE-200 | High |
| RSA private key | | CWE-200 | High |
| Ruby on Rails database configuration file | | CWE-538 | High |
| SAP ICF /sap/public/info sensitive information disclosure | | CWE-200 | Medium |
| SAP Management Console get user list | | CWE-200 | High |
| SAP Management Console list logfiles | | CWE-200 | High |
| SAP NetWeaver Java AS WD_CHAT information disclosure vulnerability | | CWE-200 | Medium |
| SAP NetWeaver server info information disclosure | | CWE-200 | Medium |
| SAP NetWeaver server info information disclosure BCB | | CWE-200 | Medium |
| SAP weak/predictable user credentials | | CWE-200 | High |
| Secrets leakage | | CWE-200 | Medium |
| Sensitive pages could be cached | | CWE-200 | Low |
| Server-based source code disclosures | | CWE-538 | Medium |
| Session token in URL | | CWE-200 | Low |
| SFTP/FTP credentials exposure | | CWE-200 | High |
| SharePoint exposed web services | | CWE-200 | Medium |
| SharePoint user enumeration | | CWE-200 | High |
| Snoop Servlet information disclosure | | CWE-200 | Low |
| Source code disclosures | | CWE-538 | Medium |
| SQLite database found | | CWE-538 | Medium |
| Stack Trace Disclosure [Apache MyFaces] | | CWE-209 | Low |
| Stack Trace Disclosure [ASP.NET] | | CWE-209 | Low |
| Stack Trace Disclosure [CakePHP] | | CWE-209 | Low |
| Stack Trace Disclosure [CherryPy] | | CWE-209 | Low |
| Stack Trace Disclosure [ColdFusion] | | CWE-209 | Low |
| Stack Trace Disclosure [Grails] | | CWE-209 | Low |
| Stack Trace Disclosure [GWT] | | CWE-209 | Low |
| Stack Trace Disclosure [Java] | | CWE-209 | Low |
| Stack Trace Disclosure [Laravel] | | CWE-209 | Low |
| Stack Trace Disclosure [Node.js] | | CWE-209 | Low |
| Stack Trace Disclosure [Python] | | CWE-209 | Low |
| Stack Trace Disclosure [Rails] | | CWE-209 | Low |
| Stack Trace Disclosure [Ruby] | | CWE-209 | Low |
| Stack Trace Disclosure [Tomcat] | | CWE-209 | Low |
| SVN repository found | | CWE-538 | High |
| Symfony databases.yml configuration file | | CWE-538 | High |
| Symfony web debug toolbar | | CWE-489 | Medium |
| The Heartbleed Bug | CVE-2014-0160 | CWE-200 | High |
| Tiki Wiki CMS: Arbitrary Code Execution | | | High |
| Tiki Wiki CMS: Arbitrary File Download | | | High |
| Tiki Wiki CMS: Remote Code Execution via Calendar Module | | | High |
| Tomcat status page | | CWE-200 | Low |
| Unencrypted __VIEWSTATE parameter | | CWE-200 | Medium |
| Unprotected JSON file leaking secrets | | CWE-200 | Medium |
| Unprotected phpMyAdmin interface | | CWE-205 | High |
| Unrestricted access to NGINX+ API interface [read only] | | CWE-200 | Medium |
| Unrestricted access to NGINX+ API interface [read write] | | CWE-200 | High |
| Unrestricted access to NGINX+ Dashboard | | CWE-200 | Medium |
| Unrestricted access to NGINX+ Status module | | CWE-200 | Low |
| Unrestricted access to NGINX+ Upstream HTTP interface | | CWE-200 | Medium |
| vBulletin customer number disclosure | CVE-2013-6129 | CWE-264 | High |
| Virtual host directory listing | | CWE-538 | Medium |
| W3 total cache debug mode | | CWE-489 | Medium |
| Weak password | | CWE-200 | High |
| web.xml configuration file disclosure | | CWE-538 | High |
| webadmin.php script | | CWE-552 | High |
| Webalizer script | | CWE-538 | Medium |
| Web application default/weak credentials | | CWE-200 | High |
| WebDAV directory listing | | CWE-538 | Medium |
| WebLogic admin console weak credentials | | CWE-693 | High |
| Webmail weak password | | CWE-200 | High |
| Web server default welcome page | | CWE-200 | Informational |
| WordPress database credentials disclosure | | CWE-538 | Medium |
| WordPress debug mode | | CWE-200 | High |
| WordPress full path disclosure | | CWE-200 | Low |
| WordPress pingback scanner | CVE-2013-0235 | CWE-918 | Medium |
| WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities [0.6.2 - 2.1.3] | CVE-2007-0540 | CWE-200 CWE-400 | High |
| WordPress Plugin A2 Optimized WP Information Disclosure [2.0.10.8] | | CWE-200 | High |
| WordPress Plugin AccessAlly Information Disclosure [3.5.6] | CVE-2021-24226 | CWE-200 | High |
| WordPress Plugin ACF to REST API Information Disclosure [3.2.0] | CVE-2020-13700 | CWE-200 | High |
| WordPress Plugin Activity Log Information Disclosure [2.2.12] | | CWE-200 | High |
| WordPress Plugin Acumbamail Information Disclosure [1.0.4] | | CWE-200 | High |
| WordPress Plugin Advanced Contact form 7 DB Information Disclosure [1.1.0] | | CWE-200 | High |
| WordPress Plugin Advanced Contact form 7 DB Information Disclosure [1.6.2] | | CWE-200 | High |
| WordPress Plugin Advanced Woo Search Information Disclosure [1.99] | CVE-2020-12070 | CWE-200 | High |
| WordPress Plugin Advanced XML Reader XML External Entity Information Disclosure [0.3.4] | | CWE-611 | High |
| WordPress Plugin AlertWire Information Disclosure [1.1.1] | | CWE-200 | High |
| WordPress Plugin All-in-One WP Migration Information Disclosure [7.0] | | CWE-200 | High |
| WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve Your SEO Rankings Information Disclosure [2.2.5.1] | CVE-2015-0902 | CWE-200 | High |
| WordPress Plugin ApplyOnline-Application Form Builder and Manager Arbitrary File Disclosure [1.9.92] | | CWE-538 | High |
| WordPress Plugin Aspose Cloud eBook Generator Arbitrary File Download [1.0] | | CWE-22 | High |
| WordPress Plugin Aspose DOC Exporter Arbitrary File Download [1.0] | | CWE-22 | High |
| WordPress Plugin Aspose Importer & Exporter Arbitrary File Download [2.0] | | CWE-22 | High |
| WordPress Plugin Aspose PDF Exporter Arbitrary File Download [1.0] | | CWE-22 | High |
| WordPress Plugin BackupBuddy Arbitrary File Download [8.7.4.1] | CVE-2022-31474 | CWE-22 | High |
| WordPress Plugin BackupBuddy Information Disclosure [2.2.28] | CVE-2013-2743 CVE-2013-2744 | CWE-200 | High |
| WordPress Plugin Be POPIA Compliant Information Disclosure [1.1.5] | CVE-2022-1186 | CWE-200 | High |
| WordPress Plugin Better WordPress Minify Arbitrary File Disclosure [1.2.2] | | CWE-538 | High |
| WordPress Plugin Breadcrumb NavXT Information Disclosure [6.1.0] | | CWE-200 | High |
| WordPress Plugin BuddyPress Information Disclosure [5.1.1] | CVE-2020-5244 | CWE-200 | High |
| WordPress Plugin BulletProof Security Information Disclosure [5.1] | CVE-2021-39327 | CWE-200 | High |
| WordPress Plugin Caldera Forms-More Than Contact Forms Arbitrary File Disclosure [1.8.1] | | CWE-538 | High |
| WordPress Plugin Caldera Forms-More Than Contact Forms Information Disclosure [1.3.5.2] | | CWE-200 | High |
| WordPress Plugin Candidate Application Form Arbitrary File Disclosure [1.6] | | CWE-538 | High |
| WordPress Plugin Candidate Application Form Arbitrary File Download [1.0] | CVE-2015-1000005 | CWE-22 | High |
| WordPress Plugin Cart66 Pro Arbitrary File Disclosure [1.5.3] | CVE-2014-9461 | CWE-22 | High |
| WordPress Plugin Cherry Services List Information Disclosure [1.4.1] | | CWE-200 | High |
| WordPress Plugin Cherry Team Members Information Disclosure [1.4.1] | | CWE-200 | High |
| WordPress Plugin Child Theme Configurator Arbitrary File Disclosure [1.7.4] | | CWE-538 | High |
| WordPress Plugin Cimy User Manager 'cimy_um_filename' Parameter Arbitrary File Disclosure [1.4.2] | | CWE-22 | High |
| WordPress Plugin cloudsafe365_for_WP 'file' Parameter Remote File Disclosure [1.46] | | CWE-22 | High |
| WordPress Plugin CodeArt-Google MP3 Player Arbitrary File Disclosure [1.0.11] | | CWE-538 | High |
| WordPress Plugin Contact Form 7 Database Information Disclosure [1.3] | | CWE-200 | High |
| WordPress Plugin Contact Form Email Information Disclosure [1.2.66] | | CWE-200 | High |
| WordPress Plugin Count per Day Arbitrary File Download and Cross-Site Scripting Vulnerabilities [3.1] | CVE-2012-0896 | CWE-22 CWE-79 | High |
| WordPress Plugin Count per Day Information Disclosure [3.2.5] | | CWE-200 | High |
| WordPress Plugin CP Image Store with Slideshow Arbitrary File Download [1.0.5] | | CWE-22 | High |
| WordPress Plugin Crayon Syntax Highlighter Local File Disclosure [2.6.10] | | CWE-22 | High |
| WordPress Plugin Credova_Financial Information Disclosure [1.4.8] | CVE-2021-39342 | CWE-200 | High |
| WordPress Plugin Customize WordPress Emails and Alerts-Better Notifications for WP Information Disclosure [1.8.6] | CVE-2022-0345 | CWE-200 | High |
| WordPress Plugin Direct Download for Woocommerce Arbitrary File Download [1.15] | | CWE-538 | High |
| WordPress Plugin Doneren met Mollie Information Disclosure [2.8.4] | | CWE-200 | High |
| WordPress Plugin Download Monitor Information Disclosure [1.6.3] | | CWE-538 | High |
| WordPress Plugin Download Shortcode Arbitrary File Disclosure [0.1] | | CWE-22 | High |
| WordPress Plugin Download Zip Attachments Arbitrary File Download [1.0.0] | CVE-2015-4704 | CWE-22 | High |
| WordPress Plugin Duplicator-WordPress Migration Arbitrary File Disclosure [0.3.0] | | CWE-22 | High |
| WordPress Plugin Duplicator-WordPress Migration Arbitrary File Download [1.3.26] | CVE-2020-11738 | CWE-538 | High |
| WordPress Plugin DZS Video Gallery Information Disclosure [3.1.3] | | CWE-200 | High |
| WordPress Plugin Easy Author Image Information Disclosure [1.5] | | CWE-200 | High |
| WordPress Plugin Easy Contact Forms Export 'file' Parameter Information Disclosure [1.1.0] | | CWE-22 | High |
| WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Information Disclosure [2.7.6] | | CWE-200 | High |
| WordPress Plugin Email Log Information Disclosure [1.9] | | CWE-200 | High |
| WordPress Plugin Email newsletter 'option' Parameter Information Disclosure [8.0] | | CWE-200 | High |
| WordPress Plugin Email Subscribers & Newsletters Information Disclosure [3.4.7] | CVE-2018-6015 | CWE-200 | High |
| WordPress Plugin Eshop Magic Arbitrary File Disclosure [0.1] | | CWE-22 | High |
| WordPress Plugin Fast Velocity Minify Information Disclosure [2.7.6] | CVE-2019-19983 | CWE-200 | High |
| WordPress Plugin Filedownload 'download.php' Local File Disclosure [0.1] | | CWE-22 | High |
| WordPress Plugin File Manager Information Disclosure [6.4] | CVE-2020-24312 | CWE-200 | High |
| WordPress Plugin Find My Blocks Information Disclosure [3.3.2] | CVE-2021-24677 | CWE-200 | High |
| WordPress Plugin FireStats Arbitrary File Download [1.6.5] | | CWE-538 | High |
| WordPress Plugin Font Awesome Information Disclosure [4.0.0-rc16] | | CWE-200 | High |
| WordPress Plugin Formidable Form Builder-Contact Form, Survey & Quiz Forms for WordPress Information Disclosure [2.0.07] | | CWE-200 | High |
| WordPress Plugin Forums 'url' Parameter Arbitrary File Disclosure [1.4.3] | CVE-2012-4920 | CWE-22 | High |
| WordPress Plugin Fusion Engage Local File Disclosure [1.0.5] | | CWE-22 | High |
| WordPress Plugin Gallery-Flagallery Photo Portfolio Information Disclosure [4.24] | CVE-2014-8491 | CWE-200 | High |
| WordPress Plugin Gallery-Flagallery Photo Portfolio SQL Injection and Information Disclosure Vulnerabilities [0.59] | | CWE-22 CWE-89 | High |
| WordPress Plugin Gallery by BestWebSoft Arbitrary File Disclosure [3.8.3] | | CWE-538 | High |
| WordPress Plugin Ghost Arbitrary File Download [0.5.5] | | CWE-538 | High |
| WordPress Plugin GiveWP-Donation and Fundraising Platform Information Disclosure [2.20.2] | CVE-2022-2117 | CWE-200 | High |
| WordPress Plugin Global Content Blocks PHP Code Execution and Information Disclosure Vulnerabilities [1.5.1] | | CWE-95 CWE-200 | High |
| WordPress Plugin GlotPress Information Disclosure [2.2.1] | | CWE-200 | High |
| WordPress Plugin Gmail SMTP Arbitrary File Disclosure [1.1.0] | CVE-2017-5223 | CWE-200 | High |
| WordPress Plugin Google Doc Embedder Arbitrary File Disclosure [2.4.6] | CVE-2012-4915 | CWE-22 | High |
| WordPress Plugin Google Drive for WordPress Information Disclosure [2.2] | | CWE-538 | High |
| WordPress Plugin Gravity Forms Information Disclosure [2.4.8] | CVE-2020-13764 | CWE-200 | High |
| WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress Arbitrary File Disclosure [2.0.9.4] | | CWE-538 | High |
| WordPress Plugin HB AUDIO GALLERY LITE Arbitrary File Download [1.0.0] | | CWE-538 | High |
| WordPress Plugin Health Check & Troubleshooting Arbitrary File Disclosure [1.2.3] | | CWE-538 | High |
| WordPress Plugin Helpful Information Disclosure [4.5.25] | CVE-2022-2834 | CWE-200 | High |
| WordPress Plugin History Collection Arbitrary File Download [1.1.1] | | CWE-538 | High |
| WordPress Plugin HTML5 MP3 Player with Playlist Free Information Disclosure [2.6] | CVE-2014-9177 | CWE-200 | High |
| WordPress Plugin IBS Mappro Arbitrary File Download [0.6] | CVE-2015-5472 | CWE-22 | High |
| WordPress Plugin Image Export Arbitrary File Download [1.1.0] | CVE-2015-5609 | CWE-22 | High |
| WordPress Plugin Import all XML, CSV & TXT into WordPress Arbitrary File Disclosure [3.7] | | CWE-22 | High |
| WordPress Plugin Import all XML, CSV & TXT into WordPress Information Disclosure [3.6.74] | | CWE-200 | High |
| WordPress Plugin IP Blacklist Cloud Arbitrary File Disclosure [3.42] | | CWE-22 | High |
| WordPress Plugin iThemes Security [formerly Better WP Security] Information Disclosure [5.1.1] | | CWE-200 | High |
| WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Information Disclosure [9.7.1] | CVE-2021-24374 | CWE-200 | High |
| WordPress Plugin Jigoshop Information Disclosure [1.17.9] | | CWE-200 | High |
| WordPress Plugin JM Twitter Cards Information Disclosure [6.1] | | CWE-200 | High |
| WordPress Plugin Log Emails Information Disclosure [1.0.6] | | CWE-200 | High |
| WordPress Plugin MAC PHOTO GALLERY 'albid' Parameter Arbitrary File Disclosure [2.8] | | CWE-22 | High |
| WordPress Plugin MAC PHOTO GALLERY Arbitrary File Download [3.0] | | CWE-538 | High |
| WordPress Plugin Mailing List 'dl.php' Arbitrary File Download [1.4.1] | | CWE-22 | High |
| WordPress Plugin MapSVG Lite Arbitrary File Disclosure [4.2.3.1] | | CWE-538 | High |
| WordPress Plugin Mashshare-Social Media Icons SEO Share Buttons for Facebook, Twitter, Subscribe Information Disclosure [2.3.0] | | CWE-200 | High |
| WordPress Plugin Membership Simplified Arbitrary File Download [1.58] | CVE-2017-1002008 | CWE-538 | High |
| WordPress Plugin Memphis Documents Library Arbitrary File Download [3.1.5] | | CWE-538 | High |
| WordPress Plugin MetaSlider Information Disclosure [3.3.1] | | CWE-200 | High |
| WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Information Disclosure [2.1.3] | CVE-2022-1442 | CWE-200 | High |
| WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Disclosure [1.0.4] | | CWE-538 | High |
| WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Download [1.0.5] | | CWE-538 | High |
| WordPress Plugin MP3-jPlayer Information Disclosure [2.3.2] | CVE-2015-1000008 | CWE-200 | High |
| WordPress Plugin MP3-jPlayer Local File Disclosure [2.3] | | CWE-538 | High |
| WordPress Plugin Multi Plugin Installer Arbitrary File Disclosure [1.1.0] | | CWE-538 | High |
| WordPress Plugin NextGEN Gallery-WordPress Gallery Information Disclosure [1.9.11] | CVE-2013-0291 | CWE-200 | High |
| WordPress Plugin Order Export & Order Import for WooCommerce Information Disclosure [1.0.8] | | CWE-200 | High |
| WordPress Plugin Organizer Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities [1.2.1] | CVE-2012-6511 CVE-2012-6512 | CWE-79 CWE-200 | High |
| WordPress Plugin Page and Post Clone Information Disclosure [1.1] | | CWE-200 | High |
| WordPress Plugin Page Flip Image Gallery 'book_id' Parameter Remote File Disclosure [0.2.2] | CVE-2008-5752 | CWE-22 | High |
| WordPress Plugin Paid Memberships Pro 'memberslist-csv.php' Information Disclosure [1.4.9] | | CWE-538 | High |
| WordPress Plugin Paid Memberships Pro Information Disclosure [2.5.2] | | CWE-200 | High |
| WordPress Plugin PAYPAL CURRENCY CONVERTER BASIC FOR WOOCOMMERCE Arbitrary File Disclosure [1.3] | | CWE-538 | High |
| WordPress Plugin PICA Photo Gallery 'imgname' Parameter Information Disclosure [1.0] | | CWE-22 | High |
| WordPress Plugin Pike Firewall Information Disclosure [1.4] | | CWE-200 | High |
| WordPress Plugin Plugin:Newsletter 'data' Parameter Information Disclosure [1.5] | CVE-2012-3588 | CWE-22 | High |
| WordPress Plugin Popup Maker-Popup Forms, Optins & More Information Disclosure [1.8.11] | CVE-2019-17574 | CWE-200 | High |
| WordPress Plugin Product Input Fields for WooCommerce Arbitrary File Download [1.2.6] | | CWE-538 | High |
| WordPress Plugin Product Subtitle For WooCommerce Arbitrary File Disclosure [4.1] | | CWE-538 | High |
| WordPress Plugin Quick Buy For Woocommerce Arbitrary File Disclosure [2.0] | | CWE-538 | High |
| WordPress Plugin RB Agency Local File Disclosure [2.4.7] | | CWE-22 | High |
| WordPress Plugin Recent Backups Arbitrary File Download [0.7] | CVE-2015-1000006 | CWE-22 | High |
| WordPress Plugin S3Bubble Cloud Video With Adverts & Analytics Arbitrary File Download [0.7] | CVE-2015-9464 | CWE-22 | High |
| WordPress Plugin Save Contact Form 7 Information Disclosure [2.0] | | CWE-200 | High |
| WordPress Plugin Sell Downloads Arbitrary File Disclosure [1.0.1] | CVE-2014-9511 | CWE-538 | High |
| WordPress Plugin Sell Downloads Arbitrary File Disclosure [1.0.17] | | CWE-22 | High |
| WordPress Plugin Service Finder-Provider and Business Listing Local File Disclosure [3.0] | | CWE-538 | High |
| WordPress Plugin Share Drafts Publicly Information Disclosure [1.1.4] | | CWE-200 | High |
| WordPress Plugin ShareYourCart Information Disclosure [1.6.1] | CVE-2012-4332 | CWE-200 | High |
| WordPress Plugin Shopping Cart & eCommerce Store Information Disclosure [2.0.5] | CVE-2014-4942 | CWE-200 | High |
| WordPress Plugin Simple Backup Arbitrary File Download [2.7.10] | | CWE-538 | High |
| WordPress Plugin Simple Download Button Shortcode 'file' Parameter Information Disclosure [1.0] | | CWE-22 | High |
| WordPress Plugin Simple File List Arbitrary File Download [3.2.7] | CVE-2022-1119 | CWE-538 | High |
| WordPress Plugin Simple Gmail Login Stack Trace Information Disclosure [1.1.3] | CVE-2012-6313 | CWE-200 | High |
| WordPress Plugin Simple History Information Disclosure [1.0.7] | | CWE-200 | High |
| WordPress Plugin Simple History Information Disclosure [2.7.4] | | CWE-200 | High |
| WordPress Plugin Simple Image Manipulator Arbitrary File Download [1.0] | CVE-2015-1000010 | CWE-538 | High |
| WordPress Plugin Simply Static Arbitrary File Download [1.6.2] | | CWE-22 | High |
| WordPress Plugin SKU Shortlink For WooCommerce Arbitrary File Disclosure [1.3.4] | | CWE-538 | High |
| WordPress Plugin Slack-Chat Information Disclosure [1.5.5] | CVE-2019-14367 | CWE-200 | High |
| WordPress Plugin Slideshow Information Disclosure [2.2.21] | CVE-2015-3634 | CWE-200 | High |
| WordPress Plugin Slideshow Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities [2.1.12] | | CWE-79 CWE-200 | High |
| WordPress Plugin SL User Create Information Disclosure [0.2.4] | | CWE-200 | High |
| WordPress Plugin Social Discussions Remote File Include and Information Disclosure Vulnerabilities [6.1.1] | | CWE-94 CWE-200 | High |
| WordPress Plugin Social Network Tabs Information Disclosure [1.7.1] | CVE-2018-20555 | CWE-200 | High |
| WordPress Plugin SS Downloads Cross-Site Request Forgery and Information Disclosure Vulnerabilities [1.4.3] | | CWE-352 CWE-538 | High |
| WordPress Plugin SSL Insecure Content Fixer Information Disclosure [2.0.0] | | CWE-200 | High |
| WordPress Plugin Stop User Enumeration Cross-Site Scripting [1.3.7] | | CWE-79 | High |
| WordPress Plugin Stop User Enumeration Security Bypass [1.3.18] | | CWE-264 | High |
| WordPress Plugin Stop User Enumeration User Enumeration [1.2.4] | | CWE-203 | High |
| WordPress Plugin Stop User Enumeration User Enumeration [1.3.4] | | CWE-203 | High |
| WordPress Plugin Stop User Enumeration User Enumeration [1.3.8] | | CWE-203 | High |
| WordPress Plugin Subscribe to Comments Unsubscribe Challenge Information Disclosure [2.0.2] | | CWE-200 | High |
| WordPress Plugin Super Refer A Friend Information Disclosure [1.0] | | CWE-200 | High |
| WordPress Plugin Swim Team Arbitrary File Download [1.44.1077] | CVE-2015-5471 | CWE-22 | High |
| WordPress Plugin Theme Editor Arbitrary File Download [2.5] | CVE-2021-24154 | CWE-538 | High |
| WordPress Plugin Thinkun Remind 'dirPath' Parameter Information Disclosure [1.1.3] | | CWE-22 | High |
| WordPress Plugin Timetable and Event Schedule by MotoPress Information Disclosure [2.3.19] | CVE-2021-24585 | CWE-200 | High |
| WordPress Plugin Tinymce Thumbnail Gallery 'href' Parameter Information Disclosure [1.0.7] | | CWE-22 | High |
| WordPress Plugin Total Upkeep-WordPress Backup plus Restore & Migrate by BoldGrid Information Disclosure [1.14.9] | | CWE-200 | High |
| WordPress Plugin TRADIES Information Disclosure [2.2.6] | | CWE-200 | High |
| WordPress Plugin U BuddyPress Forum Attachment 'fileurl' Parameter Remote File Disclosure [1.1.1] | | CWE-22 | High |
| WordPress Plugin U Extended Comment 'fileurl' Parameter Arbitrary File Download [1.0.1] | | CWE-22 | High |
| WordPress Plugin Ultimate Member-User Profile, User Registration, Login & Membership Information Disclosure [1.2.5] | | CWE-200 | High |
WordPress Plugin UnGallery Local File Disclosure [1.5.8]CWE-22CWE-22High
WordPress Plugin Unyson Information Disclosure [2.7.18]CWE-200CWE-200High
WordPress Plugin UpiCRM-Free WordPress CRM and Lead Management Information Disclosure [2.1.8.5]CWE-538CWE-538High
WordPress Plugin User Meta Manager Information Disclosure [3.4.7]CWE-200CWE-200High
WordPress Plugin User Profile Picture Information Disclosure [2.4.0]CVE-2021-24170CWE-200CWE-200High
WordPress Plugin Video Embed & Thumbnail Generator Information Disclosure [1.1]CVE-2012-1786CWE-200CWE-200High
WordPress Plugin Vitamin Multiple Arbitrary File Disclosure Vulnerabilities [1.0.0]CVE-2012-6651CWE-22CWE-22High
WordPress Plugin W3 Total Cache Arbitrary File Disclosure [0.9.3]CVE-2019-6715CWE-538CWE-538High
WordPress Plugin W3 Total Cache Information Disclosure [0.9.2.4]CWE-200CWE-200High
WordPress Plugin WebP Express Arbitrary File Disclosure [0.14.10]CVE-2019-15330CWE-538CWE-538High
WordPress Plugin Welcart e-Commerce Information Disclosure [2.2.7]CWE-200CWE-200High
WordPress Plugin WooCommerce Arbitrary File Download [3.4.5]CWE-538CWE-538High
WordPress Plugin WooCommerce Email Test Information Disclosure [1.5]CWE-200CWE-200High
WordPress Plugin WooCommerce Information Disclosure [4.5.2]CVE-2020-29156CWE-200CWE-200High
WordPress Plugin WordPress Backup to Dropbox Information Disclosure [4.7.1]CWE-200CWE-200High
WordPress Plugin WordPress Mobile Pack Information Disclosure [2.0.1]CVE-2014-5337CWE-264CWE-264High
WordPress Plugin WordPress Mobile Pack Information Disclosure [2.1.2]CVE-2015-9269CWE-200CWE-200High
WordPress Plugin WordPress renaming tool by Vlajo Arbitrary File Download [1.0]CVE-2015-4703CWE-538CWE-538High
WordPress Plugin WordPress Social Stream Information Disclosure [1.6]CWE-522CWE-522High
WordPress Plugin WP-DBManager 'wp-config.php' Arbitrary File Download [2.60]CWE-22CWE-22High
WordPress Plugin wp-FileManager Arbitrary File Disclosure [1.3.0]CWE-22CWE-22High
WordPress Plugin Wp-ImageZoom 'file' Parameter Information Disclosure [1.0.3]CWE-22CWE-22High
WordPress Plugin WP-Live Chat by 3CX Information Disclosure [8.0.28]CWE-200CWE-200High
WordPress Plugin WP-Mon Arbitrary File Disclosure [0.5.1]CWE-22CWE-22High
WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management Information Disclosure [1.38.3.2]CWE-200CWE-200High
WordPress Plugin WP Activity Log Information Disclosure [3.1.1]CVE-2018-8719CWE-200CWE-200High
WordPress Plugin WP Attachment Export Arbitrary File Download [0.2.3]CWE-538CWE-538High
WordPress Plugin WP CSS 'wp-css-compress.php' Local File Disclosure [2.0.5]CWE-22CWE-22High
WordPress Plugin WP Custom Pages 'url' Parameter Local File Disclosure [0.5.0.1]CVE-2011-1669CWE-22CWE-22High
WordPress Plugin WP e-Commerce Shop Styling Arbitrary File Download [2.5]CVE-2015-5468CWE-22CWE-22High
WordPress Plugin WP Easy full backup Information Disclosure [1.4]CWE-200CWE-200High
WordPress Plugin WP Hide & Security Enhancer Arbitrary File Download [1.3.9.2]CWE-538CWE-538High
WordPress Plugin WP Import Export Information Disclosure [3.9.15]CVE-2022-0236CWE-200CWE-200High
WordPress Plugin WP Import Export Lite Information Disclosure [3.9.15]CVE-2022-0236CWE-200CWE-200High
WordPress Plugin WP Intercom-Slack for WordPress Information Disclosure [1.2.1]CVE-2019-14365CWE-200CWE-200High
WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Download [2.4.0]CVE-2014-9013 CVE-2014-9014CWE-22CWE-22High
WordPress Plugin WP Mobile Edition Arbitrary File Disclosure [2.2.7]CWE-22CWE-22High
WordPress Plugin WP Online Store Local File Include and Multiple File Disclosure Vulnerabilities [1.3.1]CWE-22 CWE-538CWE-22 CWE-538High
WordPress Plugin WP PHP widget Information Disclosure [1.0.2]CVE-2013-0721CWE-200CWE-200High
WordPress Plugin WP REST API [WP API] Information Disclosure [1.2]CWE-200CWE-200High
WordPress Plugin WP SlackSync Information Disclosure [1.8.5]CVE-2019-14366CWE-200CWE-200High
WordPress Plugin wp superb Slideshow Information Disclosure [2.4]CWE-200CWE-200High
WordPress Plugin wptf-image-gallery Arbitrary File Download [1.0.3]CVE-2015-1000007CWE-538CWE-538High
WordPress Plugin Yoast SEO Information Disclosure [3.2.4]CWE-200CWE-200High
WordPress Plugin Zip Attachments Arbitrary File Download [1.4]CVE-2015-4694CWE-538CWE-538High
WordPress REST API User EnumerationCWE-200CWE-200Low
WordPress username enumerationCWE-200CWE-200Medium
WordPress W3 Total Cache plugin predictable cache filenamesCVE-2012-6077 CVE-2012-6078 CVE-2012-6079CWE-200CWE-200High
WPEngine _wpeprivate/config.json information disclosureCWE-200CWE-200High
WS_FTP log file foundCWE-538CWE-538Medium
X-Forwarded-For HTTP header security bypassCWE-287CWE-287High
XML entity injectionCWE-611CWE-611High
XML external entity injectionCWE-611CWE-611High
XML external entity injection [variant]CWE-611CWE-611High
XML external entity injection and XML injectionCWE-611CWE-611High
XML external entity injection via external fileCWE-611CWE-611High
XML external entity injection via File UploadCWE-611CWE-611High
Yii2 debug toolkitCWE-200CWE-200Medium
Zend framework configuration file information disclosureCWE-538CWE-538High
Zend Framework local file disclosure via XXE injectionCVE-2012-3363 CVE-2015-5161CWE-611CWE-611High

What is disclosure in information security?

Information disclosure, also known as information leakage, is when a website unintentionally reveals sensitive information to its users. Depending on the context, websites may leak all kinds of information to a potential attacker, including data about other users, such as usernames or financial information.

What are the different types of security disclosures?

The paths to vulnerability disclosure that an organization can take include the following:

  • Responsible disclosures
  • Coordinated vulnerability disclosures
  • Self-disclosures
  • Third-party disclosures
  • Vendor disclosures
  • Full disclosures

Which of the following is an example of information disclosure?

Some basic examples of information disclosure are as follows: revealing the names of hidden directories, their structure, and their contents via a robots.txt file or directory listing; providing access to source code files via temporary backups.

What is CVE in security?

CVE stands for Common Vulnerabilities and Exposures. CVE is a glossary that classifies vulnerabilities. The glossary analyzes vulnerabilities and then uses the Common Vulnerability Scoring System (CVSS) to evaluate the threat level of a vulnerability.
