Vulnerabilities > File and Directory Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-02 | CVE-2024-0191 | File and Directory Information Exposure vulnerability in NIA RRJ Nueva Ecija Engineer Online Portal 1.0 A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. | 5.3 |
| 2023-11-23 | CVE-2023-4595 | File and Directory Information Exposure vulnerability in Seattlelab Slmail 5.5.0.4433 An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca. | 6.5 |
| 2022-02-09 | CVE-2021-40363 | File and Directory Information Exposure vulnerability in Siemens Simatic PCS 7 and Simatic Wincc A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V17 (All versions <= V17 Update 4), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). | 7.8 |
| 2021-01-15 | CVE-2021-21250 | File and Directory Information Exposure vulnerability in Onedev Project Onedev OneDev is an all-in-one devops platform. | 4.0 |
| 2019-08-21 | CVE-2019-12623 | File and Directory Information Exposure vulnerability in Cisco Enterprise Network Functions Virtualization Infrastructure A vulnerability in the web server functionality of Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform file enumeration on an affected system. | 4.0 |
| 2019-08-01 | CVE-2018-20932 | File and Directory Information Exposure vulnerability in Cpanel cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406). | 4.0 |
| 2019-05-21 | CVE-2019-10320 | File and Directory Information Exposure vulnerability in Jenkins Credentials Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS#12 certificate. | 4.3 |
| 2019-01-07 | CVE-2018-11798 | File and Directory Information Exposure vulnerability in Apache Thrift The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path. | 6.5 |
| 2018-09-12 | CVE-2018-16970 | File and Directory Information Exposure vulnerability in Wisetail Learning Management System Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter. | 4.0 |
| 2018-06-11 | CVE-2017-5387 | File and Directory Information Exposure vulnerability in Mozilla Firefox The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the source page is loaded locally. | 2.1 |