Vulnerabilities > File and Directory Information Exposure
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-21 | CVE-2019-12623 | File and Directory Information Exposure vulnerability in Cisco Enterprise Network Functions Virtualization Infrastructure A vulnerability in the web server functionality of Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform file enumeration on an affected system. | 4.3 |
2019-08-01 | CVE-2018-20932 | File and Directory Information Exposure vulnerability in Cpanel cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406). | 2.7 |
2019-05-21 | CVE-2019-10320 | File and Directory Information Exposure vulnerability in Jenkins Credentials Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS#12 certificate. | 4.3 |
2019-01-07 | CVE-2018-11798 | File and Directory Information Exposure vulnerability in Apache Thrift The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path. | 6.5 |
2018-09-12 | CVE-2018-16970 | File and Directory Information Exposure vulnerability in Wisetail Learning Management System Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter. | 4.3 |
2018-06-11 | CVE-2017-5387 | File and Directory Information Exposure vulnerability in Mozilla Firefox The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the source page is loaded locally. | 3.3 |
2018-05-15 | CVE-2018-10590 | File and Directory Information Exposure vulnerability in Advantech products In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an information exposure vulnerability through directory listing has been identified, which may allow an attacker to find important files that are not normally visible. | 7.5 |
2017-07-27 | CVE-2016-10399 | File and Directory Information Exposure vulnerability in Sendio Sendio versions before 8.2.1 were affected by a Local File Inclusion vulnerability that allowed an unauthenticated, remote attacker to read potentially sensitive system files via a specially crafted URL. | 7.5 |