Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-27 | CVE-2018-10523 | Information Exposure vulnerability in Cmsmadesimple CMS Made Simple CMS Made Simple (CMSMS) through 2.2.7 contains a physical path leakage Vulnerability via /modules/DesignManager/action.ajax_get_templates.php, /modules/DesignManager/action.ajax_get_stylesheets.php, /modules/FileManager/dunzip.php, or /modules/FileManager/untgz.php. | 5.3 |
| 2018-04-27 | CVE-2018-10522 | Information Exposure vulnerability in Cmsmadesimple CMS Made Simple In CMS Made Simple (CMSMS) through 2.2.7, the "file view" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by ordinary users, because the product exposes unrestricted access to the PHP file_get_contents function. | 4.9 |
| 2018-04-27 | CVE-2018-10516 | Information Exposure vulnerability in Cmsmadesimple CMS Made Simple In CMS Made Simple (CMSMS) through 2.2.7, the "file rename" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by an admin user, that can cause DoS by moving config.php to the upload/ directory. | 6.5 |
| 2018-04-27 | CVE-2015-1857 | Information Exposure vulnerability in Linuxfoundation Opendaylight The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive information by leveraging missing AAA restrictions. | 5.3 |
| 2018-04-27 | CVE-2018-10472 | Information Exposure vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot. | 5.6 |
| 2018-04-27 | CVE-2017-1116 | Information Exposure vulnerability in IBM Campaign IBM Campaign 8.6, 9.0, 9.1, 9.1.1, 9.1.2, and 10.0 contains excessive details on the client side which could provide information useful for an authenticated user to conduct other attacks. | 4.3 |
| 2018-04-26 | CVE-2016-9590 | Information Exposure vulnerability in multiple products puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation of Object Storage (swift). | 6.5 |
| 2018-04-26 | CVE-2017-9284 | Information Exposure vulnerability in Netiq Identity Manager 4.6/4.6.1/4.6.2 IDM 4.6 Identity Applications prior to 4.6.2.1 may expose sensitive information. | 7.5 |
| 2018-04-26 | CVE-2018-10424 | Information Exposure vulnerability in 1234N Minicms 1.10 mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field. | 2.7 |
| 2018-04-26 | CVE-2018-10423 | Information Exposure vulnerability in 1234N Minicms 1.10 mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article. | 2.7 |