Falhas do tipo CWE-598
80 resultadosCVE-2025-3943MEDIUMUse of GET Request Method With sensitive Query StringsEPSS 7.1%CVE-2017-3185—ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method EPSS 3.2%CVE-2018-14822—Entes EMG12 versions 2.57 and prior an information exposure through query strings vulnerability in the web interface has been identified, whEPSS 2.9%CVE-2018-5467—An Information Exposure Through Query Strings in GET Request issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACHEPSS 1.3%CVE-2023-6014CRITICALMLflow Authentication BypassEPSS 1.2%CVE-2017-9280MEDIUMNovell Identity Manager User Application get request url contains the session token.EPSS 1.1%CVE-2017-8443—In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user opens a crafted Kibana URL the result could be a redirect to an improperlEPSS 1.1%CVE-2019-6531—An attacker could retrieve passwords from a HTTP GET request from the Kunbus PR100088 Modbus gateway versions prior to Release R02 (or SoftwEPSS 1.0%CVE-2019-18573HIGHThe RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a Session Fixation vulnerEPSS 1.0%CVE-2023-37935MEDIUMA use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows anEPSS 0.9%CVE-2021-36328HIGHDell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A remote malicious user may potentially exploit EPSS 0.8%CVE-2021-21594HIGHDell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead tEPSS 0.8%CVE-2020-5331HIGHRSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. Users’ session information could potentially EPSS 0.7%CVE-2025-0730MEDIUMTP-Link TL-SG108E HTTP GET Request usr_account_set.cgi get request method with sensitive query stringsEPSS 0.6%CVE-2022-24414HIGHDell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverseEPSS 0.6%CVE-2023-50328LOWIBM PowerSC information disclosureEPSS 0.5%CVE-2026-34020HIGHApache OpenMeetings: Login Credentials Passed via GET Query ParametersEPSS 0.5%CVE-2023-32335LOWIBM Maximo Application Suite information disclosureEPSS 0.5%CVE-2025-52901MEDIUMFile Browser allows sensitive data to be transferred in URLEPSS 0.5%CVE-2026-22644MEDIUMCertain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxEPSS 0.5%