Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-598 (通过GET请求中的查询字符串导致的信息暴露) — Vulnerability Class 55

55 vulnerabilities classified as CWE-598 (通过GET请求中的查询字符串导致的信息暴露). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-34020 Apache OpenMeetings: Login Credentials Passed via GET Query Parameters — Apache OpenMeetings 7.5AIHighAI2026-04-09
CVE-2026-25118 immich-server: Insecure Transmission of Authentication Credentials via Password Parameter in HTTP Request Query String When Accessing Shared Albums — immich 8.1AIHighAI2026-04-03
CVE-2026-33620 PinchTab: API Bearer Token Exposed in URL Query Parameter via Server Logs and Intermediary Systems — pinchtab 4.3 Medium2026-03-26
CVE-2025-14808 IBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information — InfoSphere Information Server 3.1 Low2026-03-25
CVE-2026-31381 Gainsight Assist plugin information disclosure — Gainsight Assist 5.3 Medium2026-03-20
CVE-2025-14811 IBM Sterling Partner Engagement Manager Information Disclosure — Sterling Partner Engagement Manager 3.1 Low2026-03-13
CVE-2025-13219 Multiple vulnerabilities in IBM Aspera Orchestrator — Aspera Orchestrator 5.9 Medium2026-03-10
CVE-2025-41772 wwwupdate.cgi Session token in URL — UBR-01 Mk II 7.5 High2026-03-09
CVE-2026-26196 Gogs: Access tokens get exposed through URL params in API requests — gogs 5.3 -2026-03-05
CVE-2026-23846 Tugtainer vulnerable to Password Exposure via URL Query Parameter — tugtainer 8.1 High2026-01-19
CVE-2026-22644 SICK Incoming Goods Suite 安全漏洞 — Incoming Goods Suite 5.3 Medium2026-01-15
CVE-2025-69270 Spectrum session token in URL — DX NetOps Spectrum 8.1AIHighAI2026-01-12
CVE-2025-36371 IBM i Information Disclosure — i 6.5 Medium2025-11-19
CVE-2025-31954 HCL iAutomate is susceptible to a sensitive information disclosure — iAutomate 5.4 Medium2025-11-05
CVE-2025-32916 Sensitive form data in URL query parameters — Checkmk 5.3AIMediumAI2025-10-09
CVE-2025-58584 Plain Text Transmission of Username and Password in the URL — Baggage Analytics 5.3 Medium2025-10-06
CVE-2025-54542 Sending Password in GET Request — QuickCMS 7.8AIHighAI2025-08-28
CVE-2025-8997 OpenText Enterprise Security Manager Information Exposure — OpenText Enterprise Security Manager 7.5AIHighAI2025-08-25
CVE-2025-40742 Siemens多款产品 安全漏洞 — SIPROTEC 5 6MD84 (CP300) 5.3 Medium2025-07-08
CVE-2025-52901 File Browser allows sensitive data to be transferred in URL — filebrowser 4.5 Medium2025-06-30
CVE-2025-49188 Sensitive Data in URL — SICK Field Analytics 5.3 Medium2025-06-12
CVE-2025-3943 Use of GET Request Method With sensitive Query Strings — Niagara Framework 4.1 Medium2025-05-22
CVE-2024-9877 Sensitive information submitted using GET method — ANC 4.3 Medium2025-04-30
CVE-2025-3637 Moodle: csrf token exposure via url in moodle mod_data module 3.1 Low2025-04-25
CVE-2025-32021 Weblate VCS credentials included in URL parameters are potentially logged and saved into browser history as plaintext — weblate 2.2 Low2025-04-15
CVE-2025-2356 BlackVue App API deviceDelete get request method with sensitive query strings — App 3.7 Low2025-03-17
CVE-2025-1738 Multiple vulnerabilities in Trivision Camera NC227WF — Camera NC227WF 6.2 Medium2025-02-27
CVE-2025-26473 Outback Power Mojave Inverter Use of GET Request Method With Sensitive Query Strings — Mojave Inverter 7.5 High2025-02-13
CVE-2024-12012 Nozomi Networks TCP/IP Gateway 安全漏洞 — 130.8005 5.7 Medium2025-02-13
CVE-2025-0730 TP-Link TL-SG108E HTTP GET Request usr_account_set.cgi get request method with sensitive query strings — TL-SG108E 3.7 Low2025-01-27

Vulnerabilities classified as CWE-598 (通过GET请求中的查询字符串导致的信息暴露) represent 55 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.