Fallos del tipo CWE-200

3916 resultados
CVE-2022-32244Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve (non-personal) sysEPSS 0.5%CVE-2024-11291MEDIUMPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.4 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.5%CVE-2024-30381HIGHParagon Active Assurance: probe_serviced exposes internal objects to local usersEPSS 0.5%CVE-2022-46158MEDIUMPotential Information exposure in the upload directory in PrestaShopEPSS 0.5%CVE-2024-6550MEDIUMGravity Forms: Multiple Form Instances <= 1.1.1 - Unauthenticated Full Path DisclosureEPSS 0.5%CVE-2022-45167MEDIUMAn issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application allows a basic user to access the profiEPSS 0.5%CVE-2024-6448MEDIUMMollie Payments for WooCommerce <= 7.7.0 - Unauthenticated Full Path DisclosureEPSS 0.5%CVE-2024-7426MEDIUMCommunity by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.6.0 - Unauthenticated Full Path DisclosureEPSS 0.5%CVE-2026-2861MEDIUMFoswiki Changes/Viewfile/Oops information disclosureEPSS 0.5%CVE-2025-24886HIGHpwn.college has Symlink LFI in Dojo reposEPSS 0.5%CVE-2023-22813LOWDevice API endpoint missing access controls on Western Digital Mobile and Web AppsEPSS 0.5%CVE-2024-24748MEDIUMDisclosure of the existence of secret subcategories in DiscourseEPSS 0.5%CVE-2026-42213MEDIUMSolidCAM-GPPL-IDE: Path traversal in `inc` directive enables file probing and NTLM-hash leakEPSS 0.5%CVE-2024-42351MEDIUMPossible Data Tampering & Loss of Public Datasets in GalaxyEPSS 0.5%CVE-2024-7391LOWChargePoint Home Flex Bluetooth Low Energy Information Disclosure VulnerabilityEPSS 0.5%CVE-2023-45809LOWDisclosure of user names via admin bulk action views in wagtailEPSS 0.5%CVE-2024-53244MEDIUMRisky command safeguards bypass in “/en-US/app/search/report“ endpoint through “s“ parameterEPSS 0.5%CVE-2024-31490MEDIUMAn exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1EPSS 0.5%CVE-2024-0708MEDIUMLanding Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages <= 1.7.2 - Unauthenticated Information ExposureEPSS 0.5%CVE-2024-6570MEDIUMGlossary <= 2.2.26 - Unauthenticated Full Path DisclosureEPSS 0.5%