Vulnerabilities > Information Exposure

DATE | CVE | VULNERABILITY TITLE | RISK

2019-08-06 | CVE-2016-10790 | Information Exposure vulnerability in Cpanel
cPanel before 60.0.25 does not use TLS for HTTP POSTs to listinput.cpanel.net (SEC-192).
network | low complexity | cpanel CWE-200 | 7.5

2019-08-06 | CVE-2016-10786 | Information Exposure vulnerability in Cpanel
cPanel before 60.0.25 allows members of the nobody group to read Apache HTTP Server SSL keys (SEC-186).
network | low complexity | cpanel CWE-200 | 6.5

2019-08-06 | CVE-2016-10785 | Information Exposure vulnerability in Cpanel
cPanel before 60.0.25 allows attackers to discover file contents during file copy operations (SEC-185).
network | low complexity | cpanel CWE-200 | 6.5

2019-08-05 | CVE-2019-3800 | Information Exposure vulnerability in multiple products
CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag.
7.8

2019-08-05 | CVE-2017-18478 | Information Exposure vulnerability in Cpanel
In cPanel before 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207).
network | low complexity | cpanel CWE-200 | 6.5

2019-08-05 | CVE-2017-18474 | Information Exposure vulnerability in Cpanel
cPanel before 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201).
network | low complexity | cpanel CWE-200 | 6.5

2019-08-02 | CVE-2019-7852 | Information Exposure vulnerability in Magento
A path disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
network | low complexity | magento CWE-200 | 5.3

2019-08-02 | CVE-2017-18436 | Information Exposure vulnerability in Cpanel
cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call (SEC-239).
low complexity | cpanel CWE-200 | 3.5

2019-08-02 | CVE-2017-18432 | Information Exposure vulnerability in Cpanel
In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234).
local | low complexity | cpanel CWE-200 | 7.8

2019-08-02 | CVE-2017-18428 | Information Exposure vulnerability in Cpanel
In cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing (SEC-290).
local | high complexity | cpanel CWE-200 | 2.5