Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-200 (信息暴露) — Vulnerability Class 2723

2723 vulnerabilities classified as CWE-200 (信息暴露). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-3716 Foreman-installer: candlepin database password being leaked to local users via the process list 6.2 Medium2024-06-05
CVE-2024-5483 LearnPress – WordPress LMS Plugin <= 4.2.6.8 - Basic Information Disclosure via JSON API — LearnPress – WordPress LMS Plugin for Create and Sell Online Courses 5.3 Medium2024-06-05
CVE-2024-36121 netty-incubator-codec-ohttp's BoringSSLAEADContext Repeats Nonces — netty-incubator-codec-ohttp 5.9 Medium2024-06-04
CVE-2024-4220 Information Disclosure in BeyondInsight — BeyondInsight 4.3 Medium2024-06-04
CVE-2023-52147 WordPress All-In-One Security (AIOS) plugin <= 5.2.4 - Secret Login Page Location Disclosure on Multisites vulnerability — All In One WP Security & Firewall 3.7 Low2024-06-04
CVE-2023-49822 WordPress Ultimate Dashboard plugin <= 3.7.10 - Secret Login Page Location Disclosure on Multisites vulnerability — Ultimate Dashboard 3.7 Low2024-06-04
CVE-2023-49774 WordPress WP Photo Album Plus plugin <= 8.5.02.005 - IP Bypass vulnerability — WP Photo Album Plus 5.3 Medium2024-06-04
CVE-2023-49748 WordPress WPS Hide Login plugin <= 1.9.11 - Secret Login Page Location Disclosure on Multisites vulnerability — WPS Hide Login 3.7 Low2024-06-04
CVE-2023-48335 WordPress Hide login page plugin <= 1.1.9 - Secret Login Page Location Disclosure on Multisites vulnerability — Hide login page 3.7 Low2024-06-04
CVE-2023-47818 WordPress LWS Hide Login plugin <= 2.1.8 - Secret Login Page Location Disclosure on Multisites vulnerability — LWS Hide Login 3.7 Low2024-06-04
CVE-2024-34754 WordPress Contact Form Widget plugin <= 1.3.9 - Sensitive Data Exposure vulnerability — Contact Form Widget 5.3 Medium2024-06-03
CVE-2024-23107 Fortinet FortiWeb 信息泄露漏洞 — FortiWeb 5.2 Medium2024-06-03
CVE-2024-34005 moodle: authenticated LFI risk in some misconfigured shared hosting environments via modified mod_data backup 8.8 -2024-05-31
CVE-2024-34004 moodle: authenticated LFI risk in some misconfigured shared hosting environments via modified mod_wiki backup 8.8 -2024-05-31
CVE-2024-34003 moodle: authenticated LFI risk in some misconfigured shared hosting environments via modified mod_workshop backup 8.8 -2024-05-31
CVE-2024-34002 moodle: authenticated LFI risk in some misconfigured shared hosting environments via modified mod_feedback backup 8.1 -2024-05-31
CVE-2024-5524 Information exposure vulnerability in Astrotalks — Astrotalks 5.3 Medium2024-05-31
CVE-2024-36118 Unauthorized viewing of workspace test cases in MeterSphere — metersphere 3.5 Low2024-05-30
CVE-2024-36107 Information disclosure in minio — minio 5.3 Medium2024-05-28
CVE-2024-24919 Information disclosure — Check Point Quantum Gateway, Spark Gateway and CloudGuard Network 8.6 High2024-05-28
CVE-2024-34029 AD/LDAP Group Members Leak — Mattermost 4.3 Medium2024-05-26
CVE-2024-5354 anji-plus AJ-Report detailByCode information disclosure — AJ-Report 4.3 Medium2024-05-26
CVE-2024-5202 Dimensions RM - Arbitrary File Read — Dimensions RM 7.7 High2024-05-23
CVE-2024-28188 jupyter-scheduler's endpoint is missing authentication — jupyter-scheduler 5.3 Medium2024-05-23
CVE-2024-35223 Dapr API Token Exposure — dapr 5.3 Medium2024-05-23
CVE-2024-5230 EnvaySoft FleetCart information disclosure — FleetCart 5.3 Medium2024-05-23
CVE-2024-1968 Authorization Header Leakage in scrapy/scrapy on Scheme Change Redirects — scrapy/scrapy 5.3AIMediumAI2024-05-20
CVE-2024-5096 Hipcam Device MAC Address wifi.mac information disclosure — Device 5.3 Medium2024-05-19
CVE-2024-32131 WordPress Download Manager plugin <= 3.2.82 - File Password Lock Bypass vulnerability — Download Manager 5.3 Medium2024-05-17
CVE-2024-4837 Trust Boundary Violation Vulnerability — Telerik Report Server 5.3 Medium2024-05-15

Vulnerabilities classified as CWE-200 (信息暴露) represent 2723 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.