Vulnerabilities > File and Directory Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2019-08-21 CVE-2019-12623 File and Directory Information Exposure vulnerability in Cisco Enterprise Network Functions Virtualization Infrastructure
A vulnerability in the web server functionality of Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform file enumeration on an affected system.
network
low complexity
cisco CWE-538
4.3
2019-08-01 CVE-2018-20932 File and Directory Information Exposure vulnerability in Cpanel
cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406).
network
low complexity
cpanel CWE-538
2.7
2019-05-21 CVE-2019-10320 File and Directory Information Exposure vulnerability in Jenkins Credentials
Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS#12 certificate.
network
low complexity
jenkins CWE-538
4.3
2019-01-07 CVE-2018-11798 File and Directory Information Exposure vulnerability in Apache Thrift
The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path.
network
low complexity
apache CWE-538
6.5
2018-09-12 CVE-2018-16970 File and Directory Information Exposure vulnerability in Wisetail Learning Management System
Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter.
network
low complexity
wisetail CWE-538
4.3
2018-06-11 CVE-2017-5387 File and Directory Information Exposure vulnerability in Mozilla Firefox
The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the source page is loaded locally.
local
low complexity
mozilla CWE-538
3.3
2018-05-15 CVE-2018-10590 File and Directory Information Exposure vulnerability in Advantech products
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an information exposure vulnerability through directory listing has been identified, which may allow an attacker to find important files that are not normally visible.
network
low complexity
advantech CWE-538
7.5
2017-07-27 CVE-2016-10399 File and Directory Information Exposure vulnerability in Sendio
Sendio versions before 8.2.1 were affected by a Local File Inclusion vulnerability that allowed an unauthenticated, remote attacker to read potentially sensitive system files via a specially crafted URL.
network
low complexity
sendio CWE-538
7.5